├── lists
    ├── educational-tld-nz.txt
    ├── adguard-regex
    │   └── regex-vpn-proxy-tunnel.txt.txt
    ├── agh-educational-nz.txt
    ├── microsoft
    │   ├── microsoft-common.txt
    │   ├── microsoft-teams.txt
    │   ├── microsoft-office-suite.txt
    │   ├── microsoft-azure.txt
    │   ├── microsoft-authentication.txt
    │   ├── microsoft-outlook-application.txt
    │   └── microsoft-misc.txt
    ├── AI
    │   ├── allowlist-chat-ai_agh.txt
    │   └── allowlist-chat-ai_hosts.txt
    ├── social-media
    │   ├── agh-tiktok.txt
    │   ├── meta_facebook_allowlist.txt
    │   └── agh-facebook-social.txt
    ├── dns-upstream.txt
    ├── iot
    │   └── tplink-smartplugs.txt
    ├── private-own-allowlist.txt
    ├── android-basic-allowlist.txt
    ├── connectivity-tests-common.txt
    ├── streaming
    │   ├── disney-plus.txt
    │   ├── youtube.txt
    │   ├── netflix.txt
    │   ├── spotify.txt
    │   └── plex.txt
    ├── updates
    │   ├── windows-updates-agh.txt
    │   ├── windows-updates-hosts.txt
    │   ├── windows-defender-hosts.txt
    │   └── windows-defender-agh.txt
    ├── signal.txt
    ├── foss.txt
    ├── list-domains.txt
    ├── mdm-services.txt
    ├── smart-tv
    │   └── agh-allow-samsung-smart-tv.txt
    ├── gaming
    │   ├── xbox.txt
    │   └── agh-allow-gaming.txt
    ├── starlink_allow.txt
    ├── ios-basic-allowlist.txt
    ├── core-allowlist-requested.txt
    ├── tld_critical_allowlist.txt
    ├── keeping_others_happy.txt
    ├── core-allowlist.txt
    └── core-allowlist-adguard.txt
├── .gitattributes
├── .github
    └── ISSUE_TEMPLATE
    │   └── issue.md
└── README.md


/lists/educational-tld-nz.txt:
--------------------------------------------------------------------------------
1 | @@||ac.nz^$important
2 | @@||school.nz^$important


--------------------------------------------------------------------------------
/lists/adguard-regex/regex-vpn-proxy-tunnel.txt.txt:
--------------------------------------------------------------------------------
1 | @@||/^proxy|vpn|tunnel|tor|onion/


--------------------------------------------------------------------------------
/lists/agh-educational-nz.txt:
--------------------------------------------------------------------------------
1 | @@||ac.nz^$important
2 | @@||school.nz^$important
3 | 


--------------------------------------------------------------------------------
/lists/microsoft/microsoft-common.txt:
--------------------------------------------------------------------------------
1 | microsoft.com
2 | xboxlive.com
3 | onedrive.com
4 | msftncsi.com
5 | msn.com
6 | msauth.net
7 | live.net
8 | windows.net
9 | msedge.net


--------------------------------------------------------------------------------
/lists/AI/allowlist-chat-ai_agh.txt:
--------------------------------------------------------------------------------
1 | # chatgpt
2 | chat.openai.com.cdn.cloudflare.net^
3 | chat.openai.com^
4 | beta.openai.com^
5 | openai.com^
6 | # others
7 | writesonic.com^
8 | you.com^


--------------------------------------------------------------------------------
/lists/social-media/agh-tiktok.txt:
--------------------------------------------------------------------------------
1 | # allowlist for Tiktok
2 | @@||tiktok.com
3 | @@||tiktokcdn.com
4 | @@||ttwstatic.com
5 | @@||starling-oversea.byteoversea.com
6 | @@||vmweb-sg.byteoversea.com


--------------------------------------------------------------------------------
/lists/AI/allowlist-chat-ai_hosts.txt:
--------------------------------------------------------------------------------
1 | # chatgpt
2 | chat.openai.com.cdn.cloudflare.net
3 | chat.openai.com
4 | beta.openai.com
5 | openai.com
6 | # others
7 | writesonic.com
8 | you.com
9 | www.you.com


--------------------------------------------------------------------------------
/lists/dns-upstream.txt:
--------------------------------------------------------------------------------
1 | @@||nextdns.io^$important
2 | @@||quad9.net^$important
3 | # there could be more dns upstream providers but some others don't meet privacy or security basics or malware protection.
4 | 


--------------------------------------------------------------------------------
/lists/iot/tplink-smartplugs.txt:
--------------------------------------------------------------------------------
1 | # tplink smart plugs
2 | @@||use1-api.tplinkra.com^
3 | @@||n-aps1-wap.tplinkcloud.com^
4 | !@@||api.tplinkra.com^ # not needed?
5 | !@@||assets.tplinkra.com^ # not needed?
6 | 


--------------------------------------------------------------------------------
/lists/private-own-allowlist.txt:
--------------------------------------------------------------------------------
1 | ! My own allowlist for filters / AdGuard / AdGuardHome
2 | ! Use at your own discretion
3 | cloudfront.net^$important
4 | stackpathcdn.com^
5 | pixel.spotify.com^
6 | pixel-static.spotify.com^
7 | azurewebsites.net^$important


--------------------------------------------------------------------------------
/lists/android-basic-allowlist.txt:
--------------------------------------------------------------------------------
1 | # Refer to https://www.netify.ai/resources/applications/android
2 | android.clients.google.com
3 | android.com
4 | android.googleapis.com
5 | play-fe.googleapis.com
6 | play-lh.googleusercontent.com
7 | play.google.com
8 | play.googleapis.com


--------------------------------------------------------------------------------
/lists/connectivity-tests-common.txt:
--------------------------------------------------------------------------------
1 | # Connectivity Tests Allow or else devices may say "no internet"
2 | connectivitycheck.gstatic.com
3 | connectivitycheck.android.com
4 | connectivity-check.ubuntu.com
5 | msftconnecttest.com
6 | www.msftncsi.com
7 | dns.msftncsi.com
8 | ipv6.msftconnecttest.com
9 | 


--------------------------------------------------------------------------------
/lists/streaming/disney-plus.txt:
--------------------------------------------------------------------------------
 1 | # Disney plus allowlist
 2 | disneyplus.com
 3 | bamgrid.com
 4 | bam.nr-data.net
 5 | cdn.registerdisney.go.com
 6 | cws.conviva.com
 7 | d9.flashtalking.com
 8 | disney-portal.my.onetrust.com
 9 | disneyplus.bn5x.net
10 | js-agent.newrelic.com
11 | disney-plus.net
12 | dssott.com
13 | adobedtm.com
14 | starott.com
15 | disneyplug.disney.co.jp


--------------------------------------------------------------------------------
/lists/microsoft/microsoft-teams.txt:
--------------------------------------------------------------------------------
 1 | api.teams.skype.com
 2 | img.teams.skype.com
 3 | lync.cn
 4 | lync.com
 5 | sfbassets.com
 6 | skypeforbusiness.com
 7 | teams-msedge.net
 8 | teams.cdn.live.net
 9 | teams.cdn.office.net
10 | teams.events.data.microsoft.com
11 | teams.live.com
12 | teams.microsoft.com
13 | teams.microsoft.us
14 | teams.office.com
15 | teams.office.net
16 | teams.skype.com


--------------------------------------------------------------------------------
/lists/updates/windows-updates-agh.txt:
--------------------------------------------------------------------------------
1 | # Sourced from https://learn.microsoft.com/en-us/windows/privacy/manage-windows-21h2-endpoints
2 | @@||prod.do.dsp.mp.microsoft.com^
3 | @@||emdl.ws.microsoft.com
4 | @@||dl.delivery.mp.microsoft.com^
5 | @@||windowsupdate.com^
6 | @@||delivery.mp.microsoft.com^
7 | @@||update.microsoft.com^
8 | @@||adl.windows.com
9 | @@||tsfe.trafficshaping.dsp.mp.microsoft.com


--------------------------------------------------------------------------------
/lists/signal.txt:
--------------------------------------------------------------------------------
 1 | ud-chat.signal.org
 2 | chat.signal.org
 3 | storage.signal.org
 4 | signal.org
 5 | www.signal.org
 6 | updates2.signal.org
 7 | textsecure-service-whispersystems.org
 8 | giphy-proxy-production.whispersystems.org
 9 | cdn.signal.org
10 | whispersystems-textsecure-attachments.s3-accelerate.amazonaws.com
11 | d83eunklitikj.cloudfront.net
12 | souqcdn.com
13 | cms.souqcdn.com
14 | api.directory.signal.org
15 | contentproxy.signal.org
16 | turn1.whispersystems.org


--------------------------------------------------------------------------------
/lists/foss.txt:
--------------------------------------------------------------------------------
 1 | 0.ubuntu.pool.ntp.org
 2 | 1.ubuntu.pool.ntp.org
 3 | 2.ubuntu.pool.ntp.org
 4 | 3.ubuntu.pool.ntp.org
 5 | archive.ubuntu.com
 6 | auth.docker.io
 7 | charts.fluxcd.io
 8 | download.docker.com
 9 | files.pythonhosted.org
10 | get.k3s.io
11 | github.com
12 | launchpad.net
13 | ntp.ubuntu.com
14 | production.cloudflare.docker.com
15 | pypi.org
16 | pypi.python.org
17 | raspbian.raspberrypi.com
18 | registry-1.docker.io
19 | repo.saltstack.com
20 | security.ubuntu.com


--------------------------------------------------------------------------------
/lists/social-media/meta_facebook_allowlist.txt:
--------------------------------------------------------------------------------
 1 | b-graph-fallback.facebook.com
 2 | b-graph.facebook.com
 3 | connect.facebook.com
 4 | connect.facebook.net
 5 | graph-fallback.facebook.com
 6 | graph-fallback.instagram.com
 7 | graph.facebook.com
 8 | graph.fbpigeon.com
 9 | graph.instagram.com
10 | graph.whatsapp.com
11 | graph.whatsapp.net
12 | mqtt-mini.facebook.com
13 | star.c10r.facebook.com
14 | star.fallback.c10r.facebook.com
15 | web.facebook.com
16 | z-m-graph.facebook.com


--------------------------------------------------------------------------------
/lists/streaming/youtube.txt:
--------------------------------------------------------------------------------
 1 | # youtube
 2 | accounts.youtube.com
 3 | img.youtube.com
 4 | m.youtube.com
 5 | music.youtube.com
 6 | s.youtube.com
 7 | s2.youtube.com
 8 | tv.youtube.com
 9 | www.youtube.com
10 | www.youtube-nocookie.com
11 | www.youtube.com
12 | www.youtubekids.com
13 | youtube-dl.org
14 | youtube-nocookie.com
15 | youtube-ui.l.google.com
16 | youtubei.googleapis.com
17 | ! googlevideo.com # may include in-video ads within the CDN / content. Do not allow global domain
18 | 


--------------------------------------------------------------------------------
/lists/list-domains.txt:
--------------------------------------------------------------------------------
 1 | # for lists we use and development purposes.
 2 | # domains would host lists for blocklist allowlist or likewise.
 3 | github.com
 4 | github.dev
 5 | githubusercontent.com
 6 | raw.githubusercontent.com
 7 | github.io
 8 | gitlab.com
 9 | firebog.net
10 | v.firebog.net
11 | hostfiles.frogeye.fr
12 | adaway.org
13 | # add akamai.net for CDN. Some subdomains could be blocked if related to advertising. But blocking just akamai.net breaks quite alot of websites
14 | akamai.net


--------------------------------------------------------------------------------
/lists/mdm-services.txt:
--------------------------------------------------------------------------------
 1 | ### hosts file format 
 2 | ### Created by github.com/systemjargon/allowlists
 3 | ### This list could be used in the scenario of allowing some required domains for the purposes MDM or the likes of other mangagement endpoints. Not an exhaustive list.
 4 | # Microsoft autopilot
 5 | ztd.dds.microsoft.com
 6 | # intune and azure portals
 7 | portal.azure.com
 8 | intune.microsoft.com
 9 | # Meraki MDM
10 | m.meraki.com
11 | # Google Family Link
12 | familylink.google.com
13 | 


--------------------------------------------------------------------------------
/lists/microsoft/microsoft-office-suite.txt:
--------------------------------------------------------------------------------
 1 | assets-yammer.com
 2 | clo.footprintdns.com
 3 | e3394.dscc.akamaiedge.ne
 4 | e3394.dscg.akamaiedge.ne
 5 | microsoftonline-p.com
 6 | microsoftonline.com
 7 | msocdn.com
 8 | msocsp.com
 9 | nrb.footprintdns.com
10 | o365filtering.com
11 | office.com
12 | office.de
13 | office.microsoft
14 | office.net
15 | office365.com
16 | office365.us
17 | officeapps.live.com
18 | officecdn.microsoft.com
19 | officeclient.microsoft.com
20 | onmicrosoft.com
21 | svc.ms
22 | yammer.com


--------------------------------------------------------------------------------
/lists/microsoft/microsoft-azure.txt:
--------------------------------------------------------------------------------
 1 | aadrm.com
 2 | azure-api.us
 3 | azure-devices.net
 4 | azure-dns.com
 5 | azure-dns.info
 6 | azure-dns.net
 7 | azure-dns.org
 8 | azure.com
 9 | azure.microsoft
10 | azure.microsoft.com
11 | azure.us
12 | azurecr.us
13 | azuredns-prd.info
14 | azuredns-prd.org
15 | azureedge.net
16 | azureedge.us
17 | azurefd.net
18 | azurefd.us
19 | azurewebsites.net
20 | cloudapp.net
21 | dns-tm.com
22 | edgedns-tm.info
23 | trafficmanager.net
24 | usgovcloudapi.net
25 | usgovtrafficmanager.net
26 | vsassets.io
27 | windowsazure.com


--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
 1 | # Format
 2 | /adblock/*.txt linguist-language=adblock linguist-detectable
 3 | /dnsmasq/*.txt linguist-language=fundamental linguist-detectable
 4 | /domains/*.txt linguist-language=fundamental linguist-detectable
 5 | /hosts/*.txt linguist-language=hosts linguist-detectable
 6 | /regex/*.txt linguist-language=regex linguist-detectable
 7 | /wildcard/*.txt linguist-language=fundamental linguist-detectable
 8 | /*.txt linguist-language=fundamental linguist-detectable
 9 | 
10 | # Auto detect text files and perform LF normalization
11 | * text=auto eol=lf
12 | 


--------------------------------------------------------------------------------
/lists/microsoft/microsoft-authentication.txt:
--------------------------------------------------------------------------------
 1 | account.live-int.com
 2 | account.live.com
 3 | activedirectory.windowsazure.com
 4 | authgfx.msa.akadns6.net
 5 | client.hip.live.com
 6 | graph.microsoft.com
 7 | graph.windows.net
 8 | login.live-int.com
 9 | login.live.com
10 | login.microsoft.com
11 | login.microsoftonline.com
12 | login.windows.net
13 | microsoftazuread-sso.com
14 | msagfx.live.com
15 | msauth.net
16 | msftauth.net
17 | msidentity.com
18 | myaccount.microsoft.com
19 | mysignins.microsoft.com
20 | passport.net
21 | passwordreset.microsoftonline.com
22 | signup.live.com


--------------------------------------------------------------------------------
/lists/updates/windows-updates-hosts.txt:
--------------------------------------------------------------------------------
 1 | ## Below domains commented out as not appearing as used by Windows Update. Previously the domains may have been used.
 2 | # windowsupdate.microsoft.com
 3 | # update.microsoft.com
 4 | # windowsupdate.com
 5 | # download.windowsupdate.com
 6 | # download.microsoft.com
 7 | # go.microsoft.com
 8 | ## Sourced from https://learn.microsoft.com/en-us/windows/privacy/manage-windows-21h2-endpoints
 9 | prod.do.dsp.mp.microsoft.com
10 | emdl.ws.microsoft.com
11 | dl.delivery.mp.microsoft.com
12 | delivery.mp.microsoft.com
13 | adl.windows.com
14 | tsfe.trafficshaping.dsp.mp.microsoft.com


--------------------------------------------------------------------------------
/lists/streaming/netflix.txt:
--------------------------------------------------------------------------------
 1 | # netflix allowlist
 2 | netflix.com
 3 | nflxext.com
 4 | nflximg.com
 5 | nflximg.net
 6 | nflxso.net
 7 | oca.nflxvideo.net # OpenConnect Appliance for CDN of playback. Proven by by Geo-HAProxy repo.
 8 | nflxvideo.net
 9 | www.netflix.com
10 | www.nflxext.com
11 | www.nflximg.com
12 | www.nflximg.net
13 | www.nflxso.net
14 | www.nflxvideo.net
15 | nrdp.prod.ftl.netflix.com
16 | # ichnaea.netflix.com # known tracker do not allow
17 | # api-global.netflix.com # test whether actually needed or not
18 | # appboot.netflix.com # test whether actually needed or not
19 | # secure.netflix.com # test whether actually needed or not
20 | # amazonaws.com # allow as may break mozilla or browsers with netflix-user-profile-pin
21 | 


--------------------------------------------------------------------------------
/lists/smart-tv/agh-allow-samsung-smart-tv.txt:
--------------------------------------------------------------------------------
 1 | # AdGuardHome allowlist for Samsung SmartThing / SmartTV
 2 | # Can be used for allowlist or customized further if you wish. focus on devices tagged with ^$ctag=device_tv
 3 | !@@||samsungqbe.com^$ctag=device_tv # may let updates to the TV come through if allowed/uncommented.
 4 | @@||asset-cdn.samsungvisioncloud.com^$ctag=device_tv # smart tv connection fix?
 5 | @@||cdn.samsungcloudsolution.com^$ctag=device_tv # smart tv connection fix?
 6 | @@||lcprd1.samsungcloudsolution.net^$ctag=device_tv
 7 | @@||mobile.launchdarkly.com^$ctag=device_tv # Samsung Smart Things
 8 | @@||sas.samsungcloudsolution.com^$ctag=device_tv
 9 | @@||smartthings.com^$ctag=device_tv # Samsung Smart Things
10 | @@||time.samsungcloudsolution.com^$ctag=device_tv
11 | 


--------------------------------------------------------------------------------
/lists/streaming/spotify.txt:
--------------------------------------------------------------------------------
 1 | # spotify allowlist
 2 | #market.spotify.com
 3 | #upgrade.scdn.com
 4 | api-tv.spotify.com # needed possibly for TV's playing Spotify App
 5 | apresolve.spotify.com
 6 | audio-ak-spotify-com.akamaized.net
 7 | audio-ake.spotify.com.edgesuite.net
 8 | audio-akp-bbr-spotify-com.akamaized.net
 9 | audio4-ak-spotify-com.akamaized.net
10 | audio4-fa.scdn.co
11 | heads-ak-spotify-com.akamaized.net
12 | i.scdn.co
13 | mobile-ap.spotify.com
14 | pscdn.co
15 | scdn.co
16 | spclient.wg.spotify.com
17 | spotify-com.akamaized.net
18 | !spotify.com # not allow global domain. provide more subdomains to allow.
19 | spotify.com.edgesuite.net
20 | spotify.demdex.net
21 | spotify.edgekey.net
22 | spotify.map.fastly.net
23 | spotifycdn.net
24 | #spotilocal.com
25 | www.pscdn.co
26 | www.scdn.co
27 | www.spotify.com
28 | www.spotifycdn.net
29 | #www.spotilocal.com
30 | 


--------------------------------------------------------------------------------
/lists/streaming/plex.txt:
--------------------------------------------------------------------------------
 1 | 106c06cd218b007d-b1e8a1331f68446599e96a4b46a050f5.ams.plex.services
 2 | app.plex.tv
 3 | dashboard.plex.tv
 4 | downloads.plex.tv
 5 | #meta-db-worker02.pop.ric.plex.bz # metadata? TBC
 6 | #meta.plex.tv # metadata? TBC
 7 | #metrics.plex.tv # metrics as in Telemetry? TBC.
 8 | #news.provider.plex.tv # do not use news. Whitelist if required.
 9 | nine.plugins.plexapp.com
10 | node.plexapp.com
11 | o1.email.plex.tv
12 | o2.sg0.plex.tv
13 | plex.direct
14 | !plex.tv # not allowing global domain, list more subdomains to allow instead.
15 | plex.tv.cdn.cloudflare.net
16 | plexapp.com
17 | plexapp.com.cdn.cloudflare.net
18 | podcasts.provider.plex.tv
19 | proxy.plex.tv
20 | pubsub.plex.tv
21 | resources-cdn.plexapp.com
22 | staging.plex.tv
23 | status.plex.tv
24 | tvdb2.plex.tv
25 | tvthemes.plexapp.com
26 | tvthemes.plexapp.com.cdn.cloudflare.net
27 | vod.provider.plex.tv
28 | webshows.provider.plex.tv
29 | www.plex.direct
30 | www.plex.tv
31 | www.plexapp.com
32 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/issue.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: ISSUE
 3 | about: Report an issue
 4 | title: "[ISSUE] - "
 5 | labels: bug / issue
 6 | assignees: SystemJargon
 7 | 
 8 | ---
 9 | 
10 | ### Subject of the issue
11 | Describe your issue here. 
12 | 
13 | ### Your observation/s and environment:
14 | 
15 | * Does a domain or URL not load/does load because of it being on an allowlist/blocklist?
16 | * What web browser and version are you using
17 | * Confirmed it is not upstream DNS not-blocking/blocking said URL/Domain or other such issue.
18 | * Is this an issue related to this repository?
19 | * Screenshots/source files are nice to include.
20 | 
21 | ### Steps to reproduce
22 | Tell us how to reproduce this issue. 
23 | 
24 | ### Expected behaviour
25 | Tell us what should happen
26 | 
27 | ### Actual behaviour
28 | Tell us what happens instead
29 | 
30 | ### Successful allow listing
31 | It will be added [here](https://raw.githubusercontent.com/SystemJargon/allowlists/main/lists/core-allowlist-requested.txt)
32 | 


--------------------------------------------------------------------------------
/lists/microsoft/microsoft-outlook-application.txt:
--------------------------------------------------------------------------------
 1 | acdc-direct.office.com
 2 | acompli.net
 3 | atm-fp-direct.office.com
 4 | attachments-dod.office365-net.us
 5 | attachments.office.net
 6 | attachments.office365-net.cn
 7 | attachments.office365-net.de
 8 | attachments.office365-net.us
 9 | ha-smtp.live.com
10 | hotmail.com
11 | imap-mail.outlook.com
12 | mail.live.com
13 | mail.microsoft.com
14 | ms-acdc.office.com
15 | olsvc.com
16 | ooc.tm-2.office.com
17 | outlook-1.cdn.office.net
18 | outlook-dod.office365.us
19 | outlook.cn
20 | outlook.com
21 | outlook.ha.office365.com
22 | outlook.live.com
23 | outlook.live.net
24 | outlook.office.com
25 | outlook.office.de
26 | outlook.office365.com
27 | outlook.office365.us
28 | outlookmobile.com
29 | ow1.res.office365.com
30 | ow2.res.office365.com
31 | pop3.live.com
32 | postmaster.live.com
33 | postmaster.msn.com
34 | r1.res.office365.com
35 | r3.res.office365.com
36 | r4.res.office365.com
37 | smtp.live.com
38 | smtp.office365.com
39 | substrate.office.com
40 | webmail.apps.mil


--------------------------------------------------------------------------------
/lists/gaming/xbox.txt:
--------------------------------------------------------------------------------
 1 | ## AdGuardHome format list (you can modify to your own format if required).
 2 | ## These hosts maybe required to permit xbox signin and account management or certain game play (online). Discretionary allow.
 3 | @@||xbox.com^$ctag=device_gameconsole
 4 | @@||v10.events.data.microsoft.com^$ctag=device_gameconsole
 5 | @@||v20.events.data.microsoft.com^$ctag=device_gameconsole
 6 | @@||self.events.data.microsoft.com^$ctag=device_gameconsole
 7 | @@||settings-win.data.microsoft.com^$ctag=device_gameconsole
 8 | @@||live.com^$ctag=device_gameconsole # signin services confirmed using this via nextgen/current consoles no longer auth.passport.net
 9 | !@@||msn.com^$ctag=device_gameconsole # unconfirmed - comment for now. msn.com is usually ad-full junk by reputation for a long time.
10 | ## common games trending and developers main domain - note may require additional domain names.
11 | @@||epicgames.com^$ctag=device_gameconsole
12 | @@||roblox.com^$ctag=device_gameconsole
13 | ## other
14 | @@||crl.godaddy.com^$ctag=device_gameconsole # observed during pcap during some games being played online.
15 | 


--------------------------------------------------------------------------------
/lists/gaming/agh-allow-gaming.txt:
--------------------------------------------------------------------------------
 1 | ## Note may allow telemetry when using ^ (subdomains included)
 2 | ## ensure your game devices or consoles are tagged with "device_gameconsole" for this list to work correctly.
 3 | ## this despite the name, may include a gaming pc but with client tag "device_gameconsole".
 4 | # xbox console
 5 | @@||xbox.com^$ctag=device_gameconsole
 6 | @@||microsoft.com^$ctag=device_gameconsole
 7 | @@||live.com^$ctag=device_gameconsole
 8 | @@||catalog.gamepass.com^$ctag=device_gameconsole
 9 | @@||xboxlive.com^$ctag=device_gameconsole
10 | !@@||msn.com^$ctag=device_gameconsole # to validate. Comment for now.
11 | !||arc.msn.com^$ctag=device_gameconsole # to validate
12 | @@||crl.godaddy.com^$ctag=device_gameconsole # cert verfication
13 | # playstation console
14 | @@||playstation.net^device_gameconsole
15 | @@||playstation.com^$ctag=device_gameconsole
16 | @@||sonyentertainmentnetwork.com^device_gameconsole
17 | # game developers - publishers - known domains and subdomains.
18 | @@||roblox.com^$ctag=device_gameconsole
19 | @@||rbxcdn.com^$ctag=device_gameconsole
20 | @@||roblox-api.arkoselabs.com.cdn.cloudflare.net^$ctag=device_gameconsole
21 | @@||epicgames.com^$ctag=device_gameconsole
22 | @@||rockstargames.com^$ctag=device_gameconsole
23 | @@||battle.net^$ctag=device_gameconsole
24 | @@||blizzard.com^$ctag=device_gameconsole
25 | @@||ea.com^$ctag=device_gameconsole
26 | @@||eac-cdn.com^$ctag=device_gameconsole # easy anti-cheat
27 | 


--------------------------------------------------------------------------------
/lists/updates/windows-defender-hosts.txt:
--------------------------------------------------------------------------------
 1 | # Windows Defender needed whitelist. Sourced from https://learn.microsoft.com/en-us/windows/privacy/manage-windows-21h2-endpoints
 2 | go.microsoft.com
 3 | wdcp.microsoft.com
 4 | smartscreen-prod.microsoft.com
 5 | checkappexec.microsoft.com
 6 | # Below Sourced from https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-network-connections-microsoft-defender-antivirus?view=o365-worldwide
 7 | wdcpalt.microsoft.com
 8 | wd.microsoft.com
 9 | ctldl.windows.com
10 | update.microsoft.com
11 | delivery.mp.microsoft.com
12 | windowsupdate.com
13 | download.microsoft.com
14 | download.windowsupdate.com
15 | ussus1eastprod.blob.core.windows.net
16 | ussus2eastprod.blob.core.windows.net
17 | ussus3eastprod.blob.core.windows.net
18 | ussus4eastprod.blob.core.windows.net
19 | wsus1eastprod.blob.core.windows.net
20 | wsus2eastprod.blob.core.windows.net
21 | ussus1westprod.blob.core.windows.net
22 | ussus2westprod.blob.core.windows.net
23 | ussus3westprod.blob.core.windows.net
24 | ussus4westprod.blob.core.windows.net
25 | wsus1westprod.blob.core.windows.net
26 | wsus2westprod.blob.core.windows.net
27 | usseu1northprod.blob.core.windows.net
28 | wseu1northprod.blob.core.windows.net
29 | usseu1westprod.blob.core.windows.net
30 | wseu1westprod.blob.core.windows.net
31 | ussuk1southprod.blob.core.windows.net
32 | wsuk1southprod.blob.core.windows.net
33 | ussuk1westprod.blob.core.windows.net
34 | wsuk1westprod.blob.core.windows.net
35 | crl.microsoft.com


--------------------------------------------------------------------------------
/lists/microsoft/microsoft-misc.txt:
--------------------------------------------------------------------------------
 1 | aka.ms
 2 | appcenter.ms
 3 | aspnetcdn.com
 4 | auth.gfx.ms
 5 | clarity.ms
 6 | dynamics.com
 7 | exp-tas.com
 8 | gfx.ms
 9 | live.com
10 | live.net
11 | microsoft
12 | microsoft.az
13 | microsoft.be
14 | microsoft.by
15 | microsoft.ca
16 | microsoft.cat
17 | microsoft.ch
18 | microsoft.cl
19 | microsoft.com
20 | microsoft.com.nsatc.net
21 | microsoft.cz
22 | microsoft.de
23 | microsoft.dk
24 | microsoft.ee
25 | microsoft.es
26 | microsoft.eu
27 | microsoft.fi
28 | microsoft.ge
29 | microsoft.hu
30 | microsoft.io
31 | microsoft.is
32 | microsoft.it
33 | microsoft.jp
34 | microsoft.lt
35 | microsoft.lu
36 | microsoft.lv
37 | microsoft.md
38 | microsoft.net
39 | microsoft.pl
40 | microsoft.pt
41 | microsoft.red
42 | microsoft.ro
43 | microsoft.rs
44 | microsoft.ru
45 | microsoft.se
46 | microsoft.si
47 | microsoft.tv
48 | microsoft.ua
49 | microsoft.us
50 | microsoft.uz
51 | microsoft.vn
52 | microsoftonline.us
53 | microsoftrewards.com
54 | microsoftstoreemail.com
55 | microsofttranslator.com
56 | microsoftwindows.112.2o7.net
57 | msa.akadns6.net
58 | msappproxy.net
59 | msecnd.net
60 | msft.net
61 | msftconnecttest.com
62 | msftncsi.com
63 | msftstatic.com
64 | mshome.net
65 | nelreports.net
66 | nsatc.net
67 | onenote.net
68 | onestore.ms
69 | powerbi.com
70 | s-microsoft.com
71 | s-msft.com
72 | sfx.ms
73 | swiftkey.com
74 | touchtype-fluency.com
75 | wbd.ms
76 | wd-prod-cp-us-west-1-fe.westus.cloudapp.azure.com
77 | whiteboard.ms
78 | windowsmedia.com
79 | windowsphone.com
80 | wpc.v0cdn.net


--------------------------------------------------------------------------------
/lists/starlink_allow.txt:
--------------------------------------------------------------------------------
 1 | @@||starlink.com^                           # Primary Starlink domain
 2 | @@||api.starlink.com^                       # API endpoints
 3 | @@||connect.starlink.com^                   # Network connection service
 4 | @@||shop.starlink.com^                      # Starlink shop
 5 | @@||setup.starlink.com^                     # Setup landing pages
 6 | @@||www.starlink.com^                       # Web frontend
 7 | @@||support.starlink.com^                   # Support portal
 8 | @@||my.starlink.com^                        # Subscriber account portal
 9 | @@||beta.starlink.com^                      # Beta or test environment
10 | @@||e.starlink.com^                         # Email/service portal
11 | @@||smtp.starlink.com^                      # SMTP service
12 | @@||imap.starlink.com^                      # IMAP email service
13 | @@||webmail.starlink.com^                   # Webmail interface
14 | @@||autodiscover.starlink.com^              # Autodiscover email configuration
15 | @@||email.starlink.com^                     # General email service
16 | @@||pb.starlink.com^                        # Placeholder (P) redirect/proxy services
17 | @@||lb.starlink.com^                        # Load balancer services
18 | @@||staging.starlink.com^                   # Staging environment
19 | @@||internal.starlink.com^                  # Internal services (limited public)
20 | @@||asset-state-cplane.svc.starlink.com^    # Control-plane telemetry service
21 | @@||wifi-update.svc.starlink.com^           # Firmware update service
22 | 


--------------------------------------------------------------------------------
/lists/ios-basic-allowlist.txt:
--------------------------------------------------------------------------------
 1 | ! Title: Apple iOS basic allowlist 
 2 | ! Author: SystemJargon
 3 | ! URL: github.com/systemjargon/allowlists
 4 | ! Purpose: To allow basic functionality of an iOS device. Such as time set, app downloads, help/support and CDN.
 5 | ! Why - alot of telemtry lists by others aggregate https://raw.githubusercontent.com/cedws/apple-telemetry/master/blacklist
 6 | ! Tested in AdGuardHome - you can copy and paste to custom filtering rules or use as an allowlist.
 7 | !
 8 | ! iCloud.com subdomains need attention per user. Example dont use iCloud, don't allow it.
 9 | @@||akamaiedge.net^$important # CDN and images in Appstore 
10 | @@||mzstatic.com^$important # images in Appstore, need more subdomains to make granular allow
11 | @@||support.apple.com^$important
12 | @@||apps.apple.com^$important
13 | @@||www.apple.com^$important
14 | @@||help.apple.com^$important
15 | @@||gateway.icloud.com^$important
16 | @@||ocsp2.apple.com^$important
17 | @@||time.apple.com^$important
18 | @@||cdn-apple.com^$important
19 | @@||cdn.apple.com$important
20 | @@||push-apple.akadns.net^$important
21 | @@||configuration.apple.com.akadns.net^$important
22 | @@||buy.itunes-apple.com.akadns.net^$important
23 | @@||bag.itunes.apple.com^$important
24 | @@||inappcheck.itunes.apple.com^$important
25 | @@||play.itunes.apple.com^$important
26 | @@||xp.apple.com^$important
27 | @@||buy.itunes.apple.com^$important
28 | @@||iosapps.itunes.apple.com^$important
29 | @@||push.apple.com^$important
30 | @@||idmsa.apple.com^$important
31 | @@||idmsa.idms-apple.com.akadns.net^$important
32 | 


--------------------------------------------------------------------------------
/lists/updates/windows-defender-agh.txt:
--------------------------------------------------------------------------------
 1 | # Windows Defender needed allowlist. Sourced from https://learn.microsoft.com/en-us/windows/privacy/manage-windows-21h2-endpoints
 2 | @@||go.microsoft.com^
 3 | @@||wdcp.microsoft.com^
 4 | @@||smartscreen-prod.microsoft.com^
 5 | @@||checkappexec.microsoft.com^
 6 | # Below Sourced from https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-network-connections-microsoft-defender-antivirus?view=o365-worldwide
 7 | @@||wdcpalt.microsoft.com^
 8 | @@||wd.microsoft.com^
 9 | @@||ctldl.windows.com^
10 | @@||update.microsoft.com^
11 | @@||delivery.mp.microsoft.com^
12 | @@||windowsupdate.com^
13 | @@||download.microsoft.com^
14 | @@||download.windowsupdate.com^
15 | @@||ussus1eastprod.blob.core.windows.net^
16 | @@||ussus2eastprod.blob.core.windows.net^
17 | @@||ussus3eastprod.blob.core.windows.net^
18 | @@||ussus4eastprod.blob.core.windows.net^
19 | @@||wsus1eastprod.blob.core.windows.net^
20 | @@||wsus2eastprod.blob.core.windows.net^
21 | @@||ussus1westprod.blob.core.windows.net^
22 | @@||ussus2westprod.blob.core.windows.net^
23 | @@||ussus3westprod.blob.core.windows.net^
24 | @@||ussus4westprod.blob.core.windows.net^
25 | @@||wsus1westprod.blob.core.windows.net^
26 | @@||wsus2westprod.blob.core.windows.net^
27 | @@||usseu1northprod.blob.core.windows.net^
28 | @@||wseu1northprod.blob.core.windows.net^
29 | @@||usseu1westprod.blob.core.windows.net^
30 | @@||wseu1westprod.blob.core.windows.net^
31 | @@||ussuk1southprod.blob.core.windows.net^
32 | @@||wsuk1southprod.blob.core.windows.net^
33 | @@||ussuk1westprod.blob.core.windows.net^
34 | @@||wsuk1westprod.blob.core.windows.net^
35 | @@||crl.microsoft.com^


--------------------------------------------------------------------------------
/lists/core-allowlist-requested.txt:
--------------------------------------------------------------------------------
 1 | # User submitted domains and subdomains to allow via allowlist-request
 2 | # Created by github.com/systemjargon/allowlists
 3 | @@||cdn.jsdelivr.net^
 4 | @@||i0.wp.com^
 5 | @@||i2.wp.com^
 6 | ! filters - issue #21
 7 | @@||dash.cloudflare.com^
 8 | @@||blog.cloudflare.com^
 9 | @@||www.cloudflare.com^
10 | ! cloudflare speedtest, ZT and access
11 | @@||speed.cloudflare.com^
12 | @@||cloudflareaccess.com^
13 | ! filters - issue #21 
14 | @@||cdnjs.cloudflare.com^ # content delivery network for open-source libraries.
15 | @@||ajax.cloudflare.com^ # Rocker Loader, Mirage
16 | @@||a.nel.cloudflare.com^ # network error logging
17 | @@||nonexistent.cloudflare.com^ # to check NXDOMAIN and DNS resolution?
18 | @@||cf-assets.www.cloudflare.com^ # PDFs, etc.
19 | @@||deploy.workers.cloudflare.com^ # deploys Worker from GitHub to Cloudflare
20 | @@||ot.www.cloudflare.com^ # OneTrust is for compliance with regulations like CCPA, GDPR
21 | @@||challenges.cloudflare.com^ # CAPTCHA
22 | @@||community.cloudflare.com^ # forum
23 | @@||developers.cloudflare.com^ # docs
24 | ! Amazon AWS
25 | @@||s3.amazonaws.com^ # needed for S3 buckets across AWS regions
26 | @@||signin.aws.amazon.com^ # sign in to Amazon AWS
27 | @@||opfcaptcha-prod.s3.amazonaws.com^ # captcha for AWS
28 | @@||sso.amazonaws.com^ # AWS SSO
29 | @@||aws.amazon.com^ # Important subdomain for Amazon AWS
30 | @@||aws.a2z.com^ # Further Amazon AWS allow an example Amazon Prime Video
31 | ! Microsoft Azure - Entra
32 | @@||msedge.net^ # needed for aliases to Microsoft Cloud hosts
33 | @@||portal.azure.com^ # Azure Entra Management
34 | @@||admin.microsoft.com^ # Microsoft Admin Portal
35 | @@||security.microsoft.com^ # Microsoft Security XDR Portal
36 | @@||exchange.microsoft.com^ # Microsoft EAC Portal
37 | @@||developer.microsoft.com^ # Microsoft Developer Graph Portal
38 | @@||endpoint.microsoft.com^ # Microsoft Endpoint Management Portal
39 | ! Docker
40 | @@||docker.com^ # Docker and it's top domain
41 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # allowlists
 2 | 
 3 | ## About
 4 | 
 5 | An allowlist repo for domains. Lists can be used in various ways. Such as those in AdGuardHome, Pi-hole, uBlock Origin, AdBlockPlus. 
 6 | 
 7 | [Compiled allowlists here](https://github.com/SystemJargon/allowlists/tree/main/lists). 
 8 | 
 9 | Source data comes from an array of discovery, detection, aggregation and other work by myself and others. 
10 | 
11 | Commented lines use # (usually to describe what/why where and if applicable). 
12 | 
13 | ----
14 | 
15 | ### Status
16 | 
17 | [![HitCount](https://hits.dwyl.com/systemjargon/allowlists.svg?style=flat&show=unique)](http://hits.dwyl.com/systemjargon/allowlists) [![GitHub stars](https://img.shields.io/github/stars/systemjargon/allowlists)](https://github.com/systemjargon/allowlists/stargazers) [![GitHub stars](https://img.shields.io/github/forks/systemjargon/allowlists)](https://github.com/systemjargon/allowlists/stargazers) [![GitHub stars](https://img.shields.io/github/issues/systemjargon/allowlists)](https://github.com/systemjargon/allowlists/stargazers) [![last commit](https://img.shields.io/github/last-commit/SystemJargon/allowlists.svg)](https://github.com/SystemJargon/allowlists/commits/master) [![commit activity](https://img.shields.io/github/commit-activity/y/SystemJargon/allowlists.svg)](https://github.com/SystemJargon/allowlists/commits/master) ![GitHub repo size](https://img.shields.io/github/repo-size/systemjargon/allowlists)
18 | 
19 | <!-- further content -->
20 | 
21 | Links to my repos on [Blocklists](https://github.com/SystemJargon/blocklists), [Pi-hole](https://github.com/SystemJargon/pi-hole), [AdGuardHome](https://github.com/SystemJargon/AdGuardHome) and [Filters](https://github.com/SystemJargon/filters) (new!)
22 | 
23 | [CloudFlare Test Domains](https://developers.cloudflare.com/cloudflare-one/policies/gateway/dns-policies/test-dns-filtering/#common-test-domains)
24 | 
25 | [OpenDNS Test Domain 1](https://welcome.opendns.com/)
26 | 
27 | [OpenDNS Test Domain 2](https://www.internetbadguys.com/)


--------------------------------------------------------------------------------
/lists/social-media/agh-facebook-social.txt:
--------------------------------------------------------------------------------
 1 | ## ^$ctag=user_regular sites below
 2 | # some social media example, facebook allow user_regular - comment if you wish
 3 | @@||fbcdn.net^$ctag=user_regular # facebook cdn and core sites to load website/app
 4 | @@||creative.ak.fbcdn.net^$ctag=user_regular
 5 | @@||external-lhr0-1.xx.fbcdn.net^$ctag=user_regular
 6 | @@||external-lhr10-1.xx.fbcdn.net^$ctag=user_regular
 7 | @@||external-lhr1-1.xx.fbcdn.net^$ctag=user_regular
 8 | @@||external-lhr2-1.xx.fbcdn.net^$ctag=user_regular
 9 | @@||external-lhr3-1.xx.fbcdn.net^$ctag=user_regular
10 | @@||external-lhr4-1.xx.fbcdn.net^$ctag=user_regular
11 | @@||external-lhr5-1.xx.fbcdn.net^$ctag=user_regular
12 | @@||external-lhr6-1.xx.fbcdn.net^$ctag=user_regular
13 | @@||external-lhr7-1.xx.fbcdn.net^$ctag=user_regular
14 | @@||external-lhr8-1.xx.fbcdn.net^$ctag=user_regular
15 | @@||external-lhr9-1.xx.fbcdn.net^$ctag=user_regular
16 | @@||fbcdn-creative-a.akamaihd.net^$ctag=user_regular
17 | @@||graph.facebook.com^$ctag=user_regular
18 | @@||graph.instagram.com^$ctag=user_regular
19 | @@||instagram.c10r.facebook.com^$ctag=user_regular
20 | @@||scontent-lhr3-1.xx.fbcdn.net^$ctag=user_regular
21 | @@||scontent.xx.fbcdn.net^$ctag=user_regular
22 | @@||scontent.fgdl5-1.fna.fbcdn.net^$ctag=user_regular
23 | # root domains facebook
24 | @@||facebook.com^$ctag=user_regular
25 | @@||facebook.net^$ctag=user_regular
26 | @@||fbcdn.net^$ctag=user_regular
27 | @@||cdn.fbsbx.com^$ctag=user_regular
28 | # chat and mqtt protcol facebook
29 | @@||edge-mqtt.facebook.com^$ctag=user_regular
30 | @@||0-edge-chat.facebook.com^$ctag=user_regular
31 | @@||1-edge-chat.facebook.com^$ctag=user_regular
32 | @@||2-edge-chat.facebook.com^$ctag=user_regular
33 | @@||3-edge-chat.facebook.com^$ctag=user_regular
34 | @@||4-edge-chat.facebook.com^$ctag=user_regular
35 | @@||5-edge-chat.facebook.com^$ctag=user_regular
36 | @@||6-edge-chat.facebook.com^$ctag=user_regular
37 | @@||edge-chat.facebook.com^$ctag=user_regular
38 | @@||mqtt-mini.facebook.com^$ctag=user_regular
39 | # other social media
40 | @@||t.co^$ctag=user_regular # twitter short url
41 | @@||linktr.ee^$ctag=user_regular # social media links on linktree aggregator landing page
42 | @@||graph.instagram.com^$ctag=user_regular # Instagram Graph API. Debate exists on this


--------------------------------------------------------------------------------
/lists/tld_critical_allowlist.txt:
--------------------------------------------------------------------------------
 1 | # tld_critical_whitelist.txt
 2 | # IMPORTANT - This is meant to be an allowlist not a blocklist
 3 | @@||.gov^           # US government domains - official federal, state, and local agencies
 4 | @@||.mil^           # US military domains - Department of Defense and affiliated services
 5 | @@||.us^            # United States country code TLD - general US infrastructure and services
 6 | @@||.int^           # International treaty organizations and protocols
 7 | @@||.arpa^          # Infrastructure TLD - reverse DNS and technical namespaces
 8 | @@||.edu^           # US educational institutions - universities and research bodies
 9 | @@||.ca^            # Canada country code - key US ally and partner nation
10 | @@||.uk^            # United Kingdom country code - major US ally
11 | @@||.au^            # Australia country code - Five Eyes member and ally
12 | @@||.nz^            # New Zealand country code - Five Eyes member and ally
13 | @@||.eu^            # European Union - regional governance and infrastructure
14 | @@||.de^            # Germany country code - key NATO ally
15 | @@||.fr^            # France country code - key NATO ally
16 | @@||.jp^            # Japan country code - key US ally in Asia-Pacific
17 | @@||.kr^            # South Korea country code - important US partner
18 | @@||.nl^            # Netherlands country code - NATO ally with major internet infrastructure
19 | @@||.se^            # Sweden country code - NATO member (since 2023)
20 | @@||.no^            # Norway country code - NATO ally
21 | @@||.fi^            # Finland country code - NATO member (since 2023)
22 | @@||.dk^            # Denmark country code - NATO ally
23 | @@||.be^            # Belgium country code - NATO headquarters country
24 | @@||.ch^            # Switzerland country code - international organizations host
25 | @@||.it^            # Italy country code - NATO ally
26 | @@||.es^            # Spain country code - NATO ally
27 | @@||.pl^            # Poland country code - NATO ally and Eastern Europe partner
28 | @@||.cz^            # Czech Republic country code - NATO ally
29 | @@||.ie^            # Ireland country code - important EU member
30 | @@||.pt^            # Portugal country code - NATO ally
31 | @@||.lu^            # Luxembourg country code - EU and NATO member
32 | @@||.gr^            # Greece country code - NATO ally
33 | @@||.is^            # Iceland country code - founding NATO member without standing army
34 | @@||ntp.gov^        # US government NTP servers - time synchronization critical for systems
35 | @@||dns.gov^        # US government DNS infrastructure - critical DNS services
36 | @@||emergency.gov^  # Hypothetical US emergency management domains
37 | @@||who.int^        # World Health Organization - global public health coordination
38 | @@||un.org^         # United Nations - international governance and peacekeeping
39 | @@||icann.org^      # Internet Corporation for Assigned Names and Numbers - DNS oversight
40 | @@||iana.org^       # Internet Assigned Numbers Authority - DNS root zone management
41 | @@||root-servers.net^ # DNS root servers - fundamental to global DNS operation
42 | 


--------------------------------------------------------------------------------
/lists/keeping_others_happy.txt:
--------------------------------------------------------------------------------
  1 | 0-edge-chat.facebook.com
  2 | 1-edge-chat.facebook.com
  3 | 2-edge-chat.facebook.com
  4 | 3-edge-chat.facebook.com
  5 | 4-edge-chat.facebook.com
  6 | 5-edge-chat.facebook.com
  7 | 6-edge-chat.facebook.com
  8 | accounts.youtube.com
  9 | akamaiedge.net
 10 | android.clients.google.com
 11 | android.com
 12 | android.googleapis.com
 13 | apps.apple.com
 14 | b-graph-fallback.facebook.com
 15 | b-graph.facebook.com
 16 | bag.itunes.apple.com
 17 | battle.net
 18 | beta.openai.com
 19 | blizzard.com
 20 | buy.itunes-apple.com.akadns.net
 21 | buy.itunes.apple.com
 22 | cdn-apple.com
 23 | cdn.apple.com
 24 | cdn.fbsbx.com
 25 | chat.openai.com
 26 | chat.openai.com.cdn.cloudflare.net
 27 | configuration.apple.com.akadns.net
 28 | connect.facebook.com
 29 | connect.facebook.net
 30 | creative.ak.fbcdn.net
 31 | crl.godaddy.com
 32 | ea.com
 33 | eac-cdn.com
 34 | edge-chat.facebook.com
 35 | edge-mqtt.facebook.com
 36 | epicgames.com
 37 | external-lhr0-1.xx.fbcdn.net
 38 | external-lhr1-1.xx.fbcdn.net
 39 | external-lhr10-1.xx.fbcdn.net
 40 | external-lhr2-1.xx.fbcdn.net
 41 | external-lhr3-1.xx.fbcdn.net
 42 | external-lhr4-1.xx.fbcdn.net
 43 | external-lhr5-1.xx.fbcdn.net
 44 | external-lhr6-1.xx.fbcdn.net
 45 | external-lhr7-1.xx.fbcdn.net
 46 | external-lhr8-1.xx.fbcdn.net
 47 | external-lhr9-1.xx.fbcdn.net
 48 | facebook.com
 49 | facebook.net
 50 | fbcdn-creative-a.akamaihd.net
 51 | fbcdn.net
 52 | gateway.icloud.com
 53 | googlevideo.com
 54 | graph-fallback.facebook.com
 55 | graph-fallback.instagram.com
 56 | graph.facebook.com
 57 | graph.fbpigeon.com
 58 | graph.instagram.com
 59 | graph.whatsapp.com
 60 | graph.whatsapp.net
 61 | help.apple.com
 62 | idmsa.apple.com
 63 | idmsa.idms-apple.com.akadns.net
 64 | img.youtube.com
 65 | inappcheck.itunes.apple.com
 66 | instagram.c10r.facebook.com
 67 | iosapps.itunes.apple.com
 68 | live.com
 69 | live.net
 70 | m.youtube.com
 71 | microsoft.com
 72 | mqtt-mini.facebook.com
 73 | msauth.net
 74 | msedge.net
 75 | msftncsi.com
 76 | msn.com
 77 | music.youtube.com
 78 | mzstatic.com
 79 | netflix.com
 80 | nflxext.com
 81 | nflximg.com
 82 | nflximg.net
 83 | nflxso.net
 84 | nflxvideo.net
 85 | nrdp.prod.ftl.netflix.com
 86 | oca.nflxvideo.net
 87 | ocsp2.apple.com
 88 | onedrive.com
 89 | openai.com
 90 | play-fe.googleapis.com
 91 | play-lh.googleusercontent.com
 92 | play.google.com
 93 | play.googleapis.com
 94 | play.itunes.apple.com
 95 | playstation.com
 96 | playstation.net
 97 | push-apple.akadns.net
 98 | push.apple.com
 99 | roblox.com
100 | rockstargames.com
101 | s.youtube.com
102 | s2.youtube.com
103 | scontent-lhr3-1.xx.fbcdn.net
104 | scontent.fgdl5-1.fna.fbcdn.net
105 | scontent.xx.fbcdn.net
106 | sonyentertainmentnetwork.com
107 | star.c10r.facebook.com
108 | star.fallback.c10r.facebook.com
109 | support.apple.com
110 | time.apple.com
111 | tv.youtube.com
112 | web.facebook.com
113 | windows.net
114 | www.apple.com
115 | www.netflix.com
116 | www.nflxext.com
117 | www.nflximg.com
118 | www.nflximg.net
119 | www.nflxso.net
120 | www.nflxvideo.net
121 | www.youtube-nocookie.com
122 | www.youtube.com
123 | www.youtubekids.com
124 | xbox.com
125 | xboxlive.com
126 | xp.apple.com
127 | youtube-dl.org
128 | youtube-nocookie.com
129 | youtube-ui.l.google.com
130 | youtubei.googleapis.com
131 | z-m-graph.facebook.com


--------------------------------------------------------------------------------
/lists/core-allowlist.txt:
--------------------------------------------------------------------------------
  1 | 0.client-channel.google.com
  2 | 1drv.com
  3 | 2.android.pool.ntp.org
  4 | adaway.org
  5 | admin.cloud.microsoft
  6 | aka.ms
  7 | akamai.net
  8 | akamaiedge.net
  9 | akamaihd.net
 10 | akamaitechnologies.com
 11 | akamaized.net
 12 | amazonaws.com
 13 | android.clients.google.com
 14 | android.com
 15 | android.googleapis.com
 16 | api.ipify.org
 17 | api.rlje.net
 18 | app-api.ted.com
 19 | appleid.apple.com
 20 | apps.apple.com
 21 | apps.skype.com
 22 | appsbackup-pa.clients6.google.com
 23 | appsbackup-pa.googleapis.com
 24 | appspot-preview.l.google.com
 25 | apt.sonarr.tv
 26 | apt.syncthing.net
 27 | archive.raspberrypi.com
 28 | archive.ubuntu.com
 29 | aspnetcdn.com
 30 | attestation.xboxlive.com
 31 | ax.phobos.apple.com.edgesuite.net
 32 | bag.itunes.apple.com
 33 | brightcove.net
 34 | buy.itunes-apple.com.akadns.net
 35 | buy.itunes.apple.com
 36 | c.s-microsoft.com
 37 | cdn-apple.com
 38 | cdn.apple.com$important
 39 | cdn.embedly.com
 40 | cdn.optimizely.com
 41 | cdn.vidible.tv
 42 | cdn2.optimizely.com
 43 | cdn3.optimizely.com
 44 | cert.mgt.xboxlive.com
 45 | clientconfig.passport.net
 46 | clients1.google.com
 47 | clients2.google.com
 48 | clients3.google.com
 49 | clients4.google.com
 50 | clients5.google.com
 51 | clients6.google.com
 52 | configuration.apple.com.akadns.net
 53 | connectivity-check.ubuntu.com
 54 | connectivitycheck.android.com
 55 | connectivitycheck.gstatic.com
 56 | continuum.dds.microsoft.com
 57 | cpms.spop10.ams.plex.bz
 58 | cpms35.spop10.ams.plex.bz
 59 | cse.google.com
 60 | ctldl.windowsupdate.com
 61 | d2c8v52ll5s99u.cloudfront.net
 62 | d2gatte9o95jao.cloudfront.net
 63 | dashboard.plex.tv
 64 | dataplicity.com
 65 | def-vef.xboxlive.com
 66 | delivery.vidible.tv
 67 | dev.virtualearth.net
 68 | device.auth.xboxlive.com
 69 | display.ugc.bazaarvoice.com
 70 | displaycatalog.mp.microsoft.com
 71 | dl.delivery.mp.microsoft.com
 72 | dl.dropbox.com
 73 | dl.dropboxusercontent.com
 74 | dns.msftncsi.com
 75 | download.sonarr.tv
 76 | downloads.docker.com
 77 | downloads.plex.tv
 78 | drift.com
 79 | driftt.com
 80 | ecn.dev.virtualearth.net
 81 | edge.api.brightcove.com
 82 | eds.xboxlive.com
 83 | familylink.google.com
 84 | firebog.net
 85 | fonts.gstatic.com
 86 | forums.sonarr.tv
 87 | g.live.com
 88 | gateway.icloud.com
 89 | geo-prod.do.dsp.mp.microsoft.com
 90 | geo3.ggpht.com
 91 | gfwsl.geforce.com
 92 | giphy.com
 93 | github.com
 94 | github.dev
 95 | github.io
 96 | githubusercontent.com
 97 | gitlab.com
 98 | googleapis.com
 99 | gravatar.com
100 | gstatic.com
101 | haveibeenpwned.com
102 | help.apple.com
103 | help.ui.xboxlive.com
104 | hls.ted.com
105 | hostfiles.frogeye.fr
106 | i.ytimg.com
107 | i1.ytimg.com
108 | idmsa.apple.com
109 | idmsa.idms-apple.com.akadns.net
110 | imagesak.secureserver.net
111 | img.vidible.tv
112 | imgix.net
113 | imgs.xkcd.com
114 | inappcheck.itunes.apple.com
115 | instantmessaging-pa.googleapis.com
116 | intercom.io
117 | intune.microsoft.com
118 | iosapps.itunes.apple.com
119 | ipv6.msftconnecttest.com
120 | jquery.com
121 | jsdelivr.net
122 | keystone.mwbsys.com
123 | kidsmanagement-pa.googleapis.com
124 | lastfm-img2.akamaized.net
125 | licensing.xboxlive.com
126 | life360.com
127 | live.com
128 | login.live.com
129 | login.microsoftonline.com
130 | manifest.googlevideo.com
131 | meta-db-worker02.pop.ric.plex.bz
132 | meta.plex.bz
133 | meta.plex.tv
134 | microsoftonline.com
135 | mobile.pipe.aria.microsoft.com
136 | msftconnecttest.com
137 | msftncsi.com
138 | my.plexapp.com
139 | mzstatic.com granular allow
140 | nexusrules.officeapps.live.com
141 | nine.plugins.plexapp.com
142 | node.plexapp.com
143 | notify.xboxlive.com
144 | npr-news.streaming.adswizz.com
145 | ns1.dropbox.com
146 | ns2.dropbox.com
147 | o1.email.plex.tv
148 | o2.sg0.plex.tv
149 | ocsp.apple.com
150 | ocsp2.apple.com
151 | office.com
152 | office.net
153 | office365.com
154 | officeclient.microsoft.com
155 | om.cbsi.com
156 | onedrive.live.com
157 | outlook.live.com
158 | outlook.office365.com
159 | pbs.twimg.com
160 | placehold.it
161 | placeholdit.imgix.net
162 | play-fe.googleapis.com
163 | play-lh.googleusercontent.com
164 | play.google.com
165 | play.googleapis.com
166 | play.itunes.apple.com
167 | players.brightcove.net
168 | portal.azure.com
169 | pricelist.skype.com
170 | products.office.com
171 | proto.on.quad9.net
172 | proxy.plex.bz
173 | proxy.plex.tv
174 | proxy02.pop.ord.plex.bz
175 | pubsub.plex.bz
176 | pubsub.plex.tv
177 | push-apple.akadns.net
178 | push.apple.com
179 | raspbian.raspberrypi.com
180 | raw.githubusercontent.com
181 | redirector.googlevideo.com
182 | repo.jellyfin.org
183 | res.cloudinary.com
184 | s.gateway.messenger.live.com
185 | s.marketwatch.com
186 | s.youtube.com
187 | s.ytimg.com
188 | s1.wp.com
189 | s2.youtube.com
190 | s3.amazonaws.com
191 | sa.symcb.com
192 | secure.avangate.com
193 | secure.brightcove.com
194 | secure.surveymonkey.com
195 | security.ubuntu.com
196 | services.sonarr.tv
197 | skyhook.sonarr.tv
198 | spclient.wg.spotify.com
199 | ssl.p.jwpcdn.com
200 | staging.plex.tv
201 | status.plex.tv
202 | support.apple.com
203 | t.co
204 | t0.ssl.ak.dynamic.tiles.virtualearth.net
205 | t0.ssl.ak.tiles.virtualearth.net
206 | tawk.to
207 | tedcdn.com
208 | testcategory.com
209 | themoviedb.com
210 | thetvdb.com
211 | time.apple.com
212 | tinyurl.com
213 | title.auth.xboxlive.com
214 | title.mgt.xboxlive.com
215 | traffic.libsyn.com
216 | tvdb2.plex.tv
217 | tvthemes.plexapp.com
218 | twimg.com
219 | ui.skype.com
220 | v.firebog.net
221 | video-stats.l.google.com
222 | videos.vidible.tv
223 | vidtech.cbsinteractive.com
224 | virustotal.com
225 | welcome.opendns.com
226 | widget-cdn.rpxnow.com
227 | win10.ipv6.microsoft.com
228 | wp.com
229 | ws.audioscrobbler.com
230 | www.apple.com
231 | www.docker.com
232 | www.googleapis.com
233 | www.internetbadguys.com
234 | www.jellyfin.org
235 | www.msftconnecttest.com
236 | www.msftncsi.com
237 | www.syncthing.net
238 | www.youtube-nocookie.com
239 | xbox.ipv6.microsoft.com
240 | xboxexperiencesprod.experimentation.xboxlive.com
241 | xflight.xboxlive.com
242 | xkms.xboxlive.com
243 | xp.apple.com
244 | xsts.auth.xboxlive.com
245 | youtu.be
246 | youtube-nocookie.com
247 | yt3.ggpht.com
248 | ztd.dds.microsoft.com


--------------------------------------------------------------------------------
/lists/core-allowlist-adguard.txt:
--------------------------------------------------------------------------------
  1 | @@||0.client-channel.google.com^
  2 | @@||1drv.com^
  3 | @@||2.android.pool.ntp.org^
  4 | @@||adaway.org^
  5 | @@||admin.cloud.microsoft^
  6 | @@||aka.ms^
  7 | @@||akamai.net^
  8 | @@||akamaiedge.net^
  9 | @@||akamaihd.net^
 10 | @@||akamaitechnologies.com^
 11 | @@||akamaized.net^
 12 | @@||amazonaws.com^
 13 | @@||android.clients.google.com^
 14 | @@||android.com^
 15 | @@||android.googleapis.com^
 16 | @@||api.ipify.org^
 17 | @@||api.rlje.net^
 18 | @@||app-api.ted.com^
 19 | @@||appleid.apple.com^
 20 | @@||apps.apple.com^
 21 | @@||apps.skype.com^
 22 | @@||appsbackup-pa.clients6.google.com^
 23 | @@||appsbackup-pa.googleapis.com^
 24 | @@||appspot-preview.l.google.com^
 25 | @@||apt.sonarr.tv^
 26 | @@||apt.syncthing.net^
 27 | @@||archive.raspberrypi.com^
 28 | @@||archive.ubuntu.com^
 29 | @@||aspnetcdn.com^
 30 | @@||attestation.xboxlive.com^
 31 | @@||ax.phobos.apple.com.edgesuite.net^
 32 | @@||bag.itunes.apple.com^
 33 | @@||brightcove.net^
 34 | @@||buy.itunes-apple.com.akadns.net^
 35 | @@||buy.itunes.apple.com^
 36 | @@||c.s-microsoft.com^
 37 | @@||cdn-apple.com^
 38 | @@||cdn.apple.com$important^
 39 | @@||cdn.embedly.com^
 40 | @@||cdn.optimizely.com^
 41 | @@||cdn.vidible.tv^
 42 | @@||cdn2.optimizely.com^
 43 | @@||cdn3.optimizely.com^
 44 | @@||cert.mgt.xboxlive.com^
 45 | @@||challenges.cloudflare.com^
 46 | @@||clientconfig.passport.net^
 47 | @@||clients1.google.com^
 48 | @@||clients2.google.com^
 49 | @@||clients3.google.com^
 50 | @@||clients4.google.com^
 51 | @@||clients5.google.com^
 52 | @@||clients6.google.com^
 53 | @@||configuration.apple.com.akadns.net^
 54 | @@||connectivity-check.ubuntu.com^
 55 | @@||connectivitycheck.android.com^
 56 | @@||connectivitycheck.gstatic.com^
 57 | @@||continuum.dds.microsoft.com^
 58 | @@||cpms.spop10.ams.plex.bz^
 59 | @@||cpms35.spop10.ams.plex.bz^
 60 | @@||cse.google.com^
 61 | @@||ctldl.windowsupdate.com^
 62 | @@||d2c8v52ll5s99u.cloudfront.net^
 63 | @@||d2gatte9o95jao.cloudfront.net^
 64 | @@||dashboard.plex.tv^
 65 | @@||dataplicity.com^
 66 | @@||def-vef.xboxlive.com^
 67 | @@||delivery.vidible.tv^
 68 | @@||dev.virtualearth.net^
 69 | @@||device.auth.xboxlive.com^
 70 | @@||display.ugc.bazaarvoice.com^
 71 | @@||displaycatalog.mp.microsoft.com^
 72 | @@||dl.delivery.mp.microsoft.com^
 73 | @@||dl.dropbox.com^
 74 | @@||dl.dropboxusercontent.com^
 75 | @@||dns.msftncsi.com^
 76 | @@||download.sonarr.tv^
 77 | @@||downloads.docker.com^
 78 | @@||downloads.plex.tv^
 79 | @@||drift.com^
 80 | @@||driftt.com^
 81 | @@||ecn.dev.virtualearth.net^
 82 | @@||edge.api.brightcove.com^
 83 | @@||eds.xboxlive.com^
 84 | @@||familylink.google.com^
 85 | @@||firebog.net^
 86 | @@||fonts.gstatic.com^
 87 | @@||forums.sonarr.tv^
 88 | @@||g.live.com^
 89 | @@||gateway.icloud.com^
 90 | @@||geo-prod.do.dsp.mp.microsoft.com^
 91 | @@||geo3.ggpht.com^
 92 | @@||gfwsl.geforce.com^
 93 | @@||giphy.com^
 94 | @@||github.com^
 95 | @@||github.dev^
 96 | @@||github.io^
 97 | @@||githubusercontent.com^
 98 | @@||gitlab.com^
 99 | @@||googleapis.com^
100 | @@||gravatar.com^
101 | @@||gstatic.com^
102 | @@||haveibeenpwned.com^
103 | @@||help.apple.com^
104 | @@||help.ui.xboxlive.com^
105 | @@||hls.ted.com^
106 | @@||hostfiles.frogeye.fr^
107 | @@||i.ytimg.com^
108 | @@||i1.ytimg.com^
109 | @@||idmsa.apple.com^
110 | @@||idmsa.idms-apple.com.akadns.net^
111 | @@||imagesak.secureserver.net^
112 | @@||img.vidible.tv^
113 | @@||imgix.net^
114 | @@||imgs.xkcd.com^
115 | @@||inappcheck.itunes.apple.com^
116 | @@||instantmessaging-pa.googleapis.com^
117 | @@||intercom.io^
118 | @@||intune.microsoft.com^
119 | @@||iosapps.itunes.apple.com^
120 | @@||ipv6.msftconnecttest.com^
121 | @@||jquery.com^
122 | @@||jsdelivr.net^
123 | @@||keystone.mwbsys.com^
124 | @@||kidsmanagement-pa.googleapis.com^
125 | @@||lastfm-img2.akamaized.net^
126 | @@||licensing.xboxlive.com^
127 | @@||life360.com^
128 | @@||live.com^
129 | @@||login.live.com^
130 | @@||login.microsoftonline.com^
131 | @@||manifest.googlevideo.com^
132 | @@||meta-db-worker02.pop.ric.plex.bz^
133 | @@||meta.plex.bz^
134 | @@||meta.plex.tv^
135 | @@||microsoftonline.com^
136 | @@||mobile.pipe.aria.microsoft.com^
137 | @@||msftconnecttest.com^
138 | @@||msftncsi.com^
139 | @@||my.plexapp.com^
140 | @@||mzstatic.com granular allow^
141 | @@||nexusrules.officeapps.live.com^
142 | @@||nine.plugins.plexapp.com^
143 | @@||node.plexapp.com^
144 | @@||notify.xboxlive.com^
145 | @@||npr-news.streaming.adswizz.com^
146 | @@||ns1.dropbox.com^
147 | @@||ns2.dropbox.com^
148 | @@||o1.email.plex.tv^
149 | @@||o2.sg0.plex.tv^
150 | @@||ocsp.apple.com^
151 | @@||ocsp2.apple.com^
152 | @@||office.com^
153 | @@||office.net^
154 | @@||office365.com^
155 | @@||officeclient.microsoft.com^
156 | @@||om.cbsi.com^
157 | @@||onedrive.live.com^
158 | @@||outlook.live.com^
159 | @@||outlook.office365.com^
160 | @@||pbs.twimg.com^
161 | @@||placehold.it^
162 | @@||placeholdit.imgix.net^
163 | @@||play-fe.googleapis.com^
164 | @@||play-lh.googleusercontent.com^
165 | @@||play.google.com^
166 | @@||play.googleapis.com^
167 | @@||play.itunes.apple.com^
168 | @@||players.brightcove.net^
169 | @@||portal.azure.com^
170 | @@||pricelist.skype.com^
171 | @@||products.office.com^
172 | @@||proto.on.quad9.net^
173 | @@||proxy.plex.bz^
174 | @@||proxy.plex.tv^
175 | @@||proxy02.pop.ord.plex.bz^
176 | @@||pubsub.plex.bz^
177 | @@||pubsub.plex.tv^
178 | @@||push-apple.akadns.net^
179 | @@||push.apple.com^
180 | @@||raspbian.raspberrypi.com^
181 | @@||raw.githubusercontent.com^
182 | @@||redirector.googlevideo.com^
183 | @@||repo.jellyfin.org^
184 | @@||res.cloudinary.com^
185 | @@||s.gateway.messenger.live.com^
186 | @@||s.marketwatch.com^
187 | @@||s.youtube.com^
188 | @@||s.ytimg.com^
189 | @@||s1.wp.com^
190 | @@||s2.youtube.com^
191 | @@||s3.amazonaws.com^
192 | @@||sa.symcb.com^
193 | @@||secure.avangate.com^
194 | @@||secure.brightcove.com^
195 | @@||secure.surveymonkey.com^
196 | @@||security.ubuntu.com^
197 | @@||services.sonarr.tv^
198 | @@||skyhook.sonarr.tv^
199 | @@||spclient.wg.spotify.com^
200 | @@||ssl.p.jwpcdn.com^
201 | @@||staging.plex.tv^
202 | @@||status.plex.tv^
203 | @@||support.apple.com^
204 | @@||t.co^
205 | @@||t0.ssl.ak.dynamic.tiles.virtualearth.net^
206 | @@||t0.ssl.ak.tiles.virtualearth.net^
207 | @@||tawk.to^
208 | @@||tedcdn.com^
209 | @@||testcategory.com^
210 | @@||themoviedb.com^
211 | @@||thetvdb.com^
212 | @@||time.apple.com^
213 | @@||tinyurl.com^
214 | @@||title.auth.xboxlive.com^
215 | @@||title.mgt.xboxlive.com^
216 | @@||traffic.libsyn.com^
217 | @@||tvdb2.plex.tv^
218 | @@||tvthemes.plexapp.com^
219 | @@||twimg.com^
220 | @@||ui.skype.com^
221 | @@||v.firebog.net^
222 | @@||video-stats.l.google.com^
223 | @@||videos.vidible.tv^
224 | @@||vidtech.cbsinteractive.com^
225 | @@||virustotal.com^
226 | @@||welcome.opendns.com^
227 | @@||widget-cdn.rpxnow.com^
228 | @@||win10.ipv6.microsoft.com^
229 | @@||wp.com^
230 | @@||ws.audioscrobbler.com^
231 | @@||www.apple.com^
232 | @@||www.docker.com^
233 | @@||www.googleapis.com^
234 | @@||www.internetbadguys.com^
235 | @@||www.jellyfin.org^
236 | @@||www.msftconnecttest.com^
237 | @@||www.msftncsi.com^
238 | @@||www.syncthing.net^
239 | @@||www.youtube-nocookie.com^
240 | @@||xbox.ipv6.microsoft.com^
241 | @@||xboxexperiencesprod.experimentation.xboxlive.com^
242 | @@||xflight.xboxlive.com^
243 | @@||xkms.xboxlive.com^
244 | @@||xp.apple.com^
245 | @@||xsts.auth.xboxlive.com^
246 | @@||youtu.be^
247 | @@||youtube-nocookie.com^
248 | @@||yt3.ggpht.com^
249 | @@||ztd.dds.microsoft.com^
250 | 


--------------------------------------------------------------------------------