ageng/blahdns
1
0
Fork 0
mirror of https://github.com/ookangzheng/blahdns.git synced 2025-12-13 12:45:37 +07:00
Code Issues Projects Releases Wiki Activity

Re init git

Browse Source
This commit is contained in:
ookangzheng
2019-08-04 00:25:17 +08:00
commit a9fadc5d00
67 changed files with 1580436 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1,4 @@
# These are supported funding model platforms
github: [ookangzheng]
ko_fi: ookangzheng

91
.gitignore vendored Executable file
View File

@@ -0,0 +1,91 @@
# Created by https://www.gitignore.io/api/node
# Edit at https://www.gitignore.io/?templates=node
### Node ###
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
lerna-debug.log*
# Diagnostic reports (https://nodejs.org/api/report.html)
report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
# Runtime data
pids
*.pid
*.seed
*.pid.lock
# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov
# Coverage directory used by tools like istanbul
coverage
# nyc test coverage
.nyc_output
# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
.grunt
# Bower dependency directory (https://bower.io/)
bower_components
# node-waf configuration
.lock-wscript
# Compiled binary addons (https://nodejs.org/api/addons.html)
build/Release
# Dependency directories
node_modules/
jspm_packages/
# TypeScript v1 declaration files
typings/
# Optional npm cache directory
.npm
# Optional eslint cache
.eslintcache
# Optional REPL history
.node_repl_history
# Output of 'npm pack'
*.tgz
# Yarn Integrity file
.yarn-integrity
# dotenv environment variables file
.env
.env.test
# parcel-bundler cache (https://parceljs.org/)
.cache
# next.js build output
.next
# nuxt.js build output
.nuxt
# vuepress build output
.vuepress/dist
# Serverless directories
.serverless/
# FuseBox cache
.fusebox/
# DynamoDB Local files
.dynamodb/
# End of https://www.gitignore.io/api/node

14
Archived/Privoxy/README.md Executable file
View File

@@ -0,0 +1,14 @@
## Source
1. https://raw.githubusercontent.com/qwIvan/privoxy-adfilter/master/adfilter.action
2. https://raw.githubusercontent.com/qwIvan/privoxy-adfilter/master/adfilter.filter
## PAC Filter
> Recommend work with VPN
1. https://raw.githubusercontent.com/essandess/easylist-pac-privoxy/master/proxy.pac (Built in EasyList)
### Refences
1. https://github.com/essandess/adblock2privoxy (Adblock filters to privoxy format)
2. https://github.com/essandess/macOS-Fortress
3. https://github.com/essandess/easylist-pac-privoxy

83743
Archived/Privoxy/ab2p.action Executable file
View File

File diff suppressed because it is too large Load Diff

3251
Archived/Privoxy/ab2p.filter Executable file
View File

File diff suppressed because it is too large Load Diff

24
Archived/Privoxy/ab2p.system.action Executable file
View File

@@ -0,0 +1,24 @@
#AbBlock system actions -- don't edit --
{+set-image-blocker{blank} \
+filter{ab2p-elemhide-filter} \
+client-header-tagger{ab2p-elemhide-check-debug} \
+client-header-tagger{ab2p-handle-as-image-c} \
+server-header-tagger{ab2p-handle-as-image-s}}
/
{-filter{ab2p-elemhide-filter} \
+filter{ab2p-elemhide-filter-debug}}
TAG:^ab2p-elemhide-filter-debug$
{+handle-as-image}
TAG:^ab2p-handle-as-image$
{+block{ adblock rules }}
TAG:^ab2p-block-s$
{-block}
TAG:^ab2p-unblock-u$
{-block}
TAG:^ab2p-unblock-d$
{-block}
TAG:^ab2p-unblock-s$
#workaround for gzip handling privoxy bugs
{ +prevent-compression }
*.yahoo.com
*.amazon.com

23
Archived/Privoxy/ab2p.system.filter Executable file
View File

@@ -0,0 +1,23 @@
#AbBlock system filters -- don't edit --
SERVER-HEADER-TAGGER: ab2p-block-s
s@.*@ab2p-block-s@Ti
CLIENT-HEADER-TAGGER: ab2b-unblock-u
s@user-agent.*@ab2p-unblock-u@Ti
SERVER-HEADER-TAGGER: ab2p-unblock-d
s@date.*@ab2p-unblock-d@Ti
SERVER-HEADER-TAGGER: ab2p-unblock-s
s@server.*@ab2p-unblock-s@Ti
SERVER-HEADER-TAGGER: ab2p-handle-as-image-s
s@^content-type(?=:[\s\w]*image\/):.*@ab2p-handle-as-image@Ti
CLIENT-HEADER-TAGGER: ab2p-handle-as-image-c
s@^accept(?=:[\s\w]*image\/):.*@ab2p-handle-as-image@Ti
SERVER-HEADER-FILTER: ab2p-xframe-filter
s@.*\sHTTP\/1.*@$&\r\nX-Frame-Options: DENY@i
CLIENT-HEADER-TAGGER: ab2p-elemhide-check-debug
s@^cookie:.*ab2p-elemhide-filter-debug=true(?:;|$).*@ab2p-elemhide-filter-debug@Ti
FILTER: ab2p-elemhide-filter
s@[^'"\s]\s*<head[^>]*>(?=\s*[^'"\s])@$&<link rel="stylesheet" type="text/css" href="http://0.0.0.0/ab2p.common.css"></link><link rel="stylesheet" type="text/css" href="http://0.0.0.0/$host/ab2p.css"></link>@iUD
FILTER: ab2p-elemhide-filter-debug
s@[^'"\s]\s*<head[^>]*>(?=\s*[^'"\s])@$&<link rel="stylesheet" type="text/css" href="http://0.0.0.0/debug/ab2p.common.css"></link><link rel="stylesheet" type="text/css" href="http://0.0.0.0/$host.debug/ab2p.css"></link>@iUD
FILTER: ab2p-popup-filter
s@[^'"\s]\s*<head[^>]*>(?=\s*[^'"\s])@$&<script type="text/javascript">parent==window&&opener&&close()</script>@iUD

27417
Archived/Privoxy/adfilter.action Executable file
View File

File diff suppressed because it is too large Load Diff

3202
Archived/Privoxy/adfilter.filter Executable file
View File

File diff suppressed because it is too large Load Diff

29
Archived/unbound/opennic.hints Executable file
View File

@@ -0,0 +1,29 @@
. 86400 IN NS ns9.opennic.glue.
. 86400 IN NS ns10.opennic.glue.
. 86400 IN NS ns12.opennic.glue.
. 86400 IN NS ns2.opennic.glue.
. 86400 IN NS ns5.opennic.glue.
. 86400 IN NS ns3.opennic.glue.
. 86400 IN NS ns11.opennic.glue.
. 86400 IN NS ns4.opennic.glue.
. 86400 IN NS ns6.opennic.glue.
. 86400 IN NS ns8.opennic.glue.
ns2.opennic.glue. 7200 IN A 161.97.219.84
ns2.opennic.glue. 7200 IN AAAA 2001:470:4212:10:0:100:53:10
ns3.opennic.glue. 7200 IN A 104.168.144.17
ns3.opennic.glue. 7200 IN AAAA 2001:470:8269::53
ns4.opennic.glue. 7200 IN A 163.172.168.171
ns5.opennic.glue. 7200 IN A 94.103.153.176
ns5.opennic.glue. 7200 IN AAAA 2a02:990:219:1:ba:1337:cafe:3
ns6.opennic.glue. 7200 IN A 207.192.71.13
ns8.opennic.glue. 7200 IN A 178.63.116.152
ns8.opennic.glue. 7200 IN AAAA 2a01:4f8:141:4281::999
ns9.opennic.glue. 7200 IN A 174.138.48.29
ns9.opennic.glue. 7200 IN AAAA 2604:a880:800:a1::2a:2001
ns10.opennic.glue. 7200 IN A 188.226.146.136
ns10.opennic.glue. 7200 IN AAAA 2001:470:1f04:ebf::2
ns11.opennic.glue. 7200 IN A 45.55.97.204
ns11.opennic.glue. 7200 IN AAAA 2604:a880:800:a1::14c1:1
ns12.opennic.glue. 7200 IN A 79.124.7.81
ns12.opennic.glue. 7200 IN AAAA 2a01:8740:1:ff13::ae67

83
Archived/unbound/root.hints Executable file
View File

@@ -0,0 +1,83 @@
. 86400 NS ns2.opennic.glue.
ns2.opennic.glue. 7200 A 161.97.219.84
ns2.opennic.glue. 7200 AAAA 2001:470:4212:10:0:100:53:10
. 86400 NS ns3.opennic.glue.
ns3.opennic.glue. 7200 A 104.168.144.17
ns3.opennic.glue. 7200 AAAA 2001:470:8269::53
. 3600000 NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30
;
; FORMERLY NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 199.9.14.201
B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:200::b
;
; FORMERLY C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c
;
; FORMERLY TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
;
; FORMERLY NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e
;
; FORMERLY NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
;
; FORMERLY NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d
;
; FORMERLY AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53
H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53
;
; FORMERLY NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53
;
; OPERATED BY VERISIGN, INC.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30
;
; OPERATED BY RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
;
; OPERATED BY ICANN
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:9f::42
;
; OPERATED BY WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35

60
Archived/unbound/unbound.conf Executable file
View File

@@ -0,0 +1,60 @@
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include: "/etc/unbound/unbound.conf.d/*.conf"
server:
directory: "/etc/unbound"
username: unbound
chroot: "/etc/unbound"
pidfile: "/etc/unbound/unbound.pid"
interface: 0.0.0.0@55
interface: ::0@55
access-control: 0.0.0.0/0 allow
access-control: ::/64 allow
logfile: "unbound.log"
statistics-interval: 0
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes
do-daemonize: yes
prefetch: yes
qname-minimisation: yes
rrset-roundrobin: yes
use-caps-for-id: yes
verbosity: 0
#auto-trust-anchor-file: "root.key"
hide-identity: yes
hide-version: yes
minimal-responses: yes
harden-short-bufsize: yes
harden-large-queries: yes
harden-glue: yes
harden-dnssec-stripped: yes
harden-below-nxdomain: yes
harden-referral-path: no
do-not-query-localhost: no
root-hints: "root.hints"
# forward-zone:
# name: "."
# forward-addr: 185.228.168.9@853
# forward-ssl-upstream: yes
# forward-first: yes

531
Archived/unbound/unbound.conf.d/opennic.root.conf Executable file
View File

@@ -0,0 +1,531 @@
server:
domain-insecure: "opennic.glue"
auth-zone:
name: "opennic.glue"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/opennic.glue"
master: 161.97.219.84
server:
domain-insecure: "dns.opennic.glue"
auth-zone:
name: "dns.opennic.glue"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/dns.opennic.glue"
master: 161.97.219.84
server:
domain-insecure: "micro"
auth-zone:
name: "micro"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/micro"
master: 161.97.219.84
server:
domain-insecure: "ing"
auth-zone:
name: "ing"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/ing"
master: 161.97.219.84
server:
domain-insecure: "glue"
auth-zone:
name: "glue"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/glue"
master: 161.97.219.84
server:
domain-insecure: "bbs"
auth-zone:
name: "bbs"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/bbs"
master: 161.97.219.84
server:
domain-insecure: "bit"
auth-zone:
name: "bit"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/bit"
master: 161.97.219.84
server:
domain-insecure: "chan"
auth-zone:
name: "chan"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/chan"
master: 161.97.219.84
server:
domain-insecure: "dyn"
auth-zone:
name: "dyn"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/dyn"
master: 161.97.219.84
server:
domain-insecure: "free"
auth-zone:
name: "free"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/free"
master: 161.97.219.84
server:
domain-insecure: "fur"
auth-zone:
name: "fur"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/fur"
master: 161.97.219.84
server:
domain-insecure: "geek"
auth-zone:
name: "geek"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/geek"
master: 161.97.219.84
server:
domain-insecure: "gopher"
auth-zone:
name: "gopher"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/gopher"
master: 161.97.219.84
server:
domain-insecure: "indy"
auth-zone:
name: "indy"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/indy"
master: 161.97.219.84
server:
domain-insecure: "libre"
auth-zone:
name: "libre"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/libre"
master: 161.97.219.84
server:
domain-insecure: "neo"
auth-zone:
name: "neo"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/neo"
master: 161.97.219.84
server:
domain-insecure: "null"
auth-zone:
name: "null"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/null"
master: 161.97.219.84
server:
domain-insecure: "oss"
auth-zone:
name: "oss"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/oss"
master: 161.97.219.84
server:
domain-insecure: "oz"
auth-zone:
name: "oz"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/oz"
master: 161.97.219.84
server:
domain-insecure: "parody"
auth-zone:
name: "parody"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/parody"
master: 161.97.219.84
server:
domain-insecure: "pirate"
auth-zone:
name: "pirate"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/pirate"
master: 161.97.219.84
server:
domain-insecure: "o"
auth-zone:
name: "o"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/o"
master: 161.97.219.84
server:
domain-insecure: "lib"
auth-zone:
name: "lib"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/lib"
master: 161.97.219.84
server:
domain-insecure: "coin"
auth-zone:
name: "coin"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/coin"
master: 161.97.219.84
server:
domain-insecure: "emc"
auth-zone:
name: "emc"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/emc"
master: 161.97.219.84
server:
domain-insecure: "bazar"
auth-zone:
name: "bazar"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/bazar"
master: 161.97.219.84
server:
domain-insecure: "cyb"
auth-zone:
name: "cyb"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/cyb"
master: 161.97.219.84
server:
domain-insecure: "ku"
auth-zone:
name: "ku"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/ku"
master: 161.97.219.84
server:
domain-insecure: "te"
auth-zone:
name: "te"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/te"
master: 161.97.219.84
server:
domain-insecure: "uu"
auth-zone:
name: "uu"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/uu"
master: 161.97.219.84
server:
domain-insecure: "ti"
auth-zone:
name: "ti"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/ti"
master: 161.97.219.84

9
Archived/unbound/unbound.conf.d/qname-minimisation.conf Executable file
View File

@@ -0,0 +1,9 @@
server:
# Send minimum amount of information to upstream servers to enhance
# privacy. Only sends minimum required labels of the QNAME and sets
# QTYPE to NS when possible.
# See RFC 7816 "DNS Query Name Minimisation to Improve Privacy" for
# details.
qname-minimisation: yes

16
Archived/unbound/unbound.conf.d/root.zone.conf Executable file
View File

@@ -0,0 +1,16 @@
auth-zone:
name: "."
for-downstream: no
for-upstream: yes
fallback-enabled: yes
zonefile: "tld.zone"
master: 199.9.14.201
master: 192.36.148.17
master: 192.203.230
master: 199.7.91.13
master: 2001:503:ba3e::2:30
master: 2001:500:84::b
master: 2001:500:2f::f
master: 2001:7fd::1
master: 2620:0:2830:202::132
master: 2620:0:2d0:202::132

120
FAQ.md Executable file
View File

@@ -0,0 +1,120 @@
## Prevent DNS leaking from Chrome browser on Android phone
1. Type `chrome://flags`
2. search for keyword: `async dns`
3. set value to `DISABLED`
4. restart Chrome
<img src="https://github.com/ookangzheng/blahdns/raw/master/client-conf/img-source/disable-async-dns-on-android-chrome.jpg" alt="Your image title" width="250"/>
## Troubleshoot
```
// Browser test:
https://doh-de.blahdns.com/dns-query?name=example.net
https://doh-jp.blahdns.com/dns-query?name=example.net
https://doh-ch.blahdns.com/dns-query?name=example.net
// curl with DoH
curl -H 'content-type: application/dns-message' -vL -v 'https://doh-jp.blahdns.com/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump -C
curl -H 'content-type: application/dns-message' -vL -v 'https://doh-de.blahdns.com/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump -C
curl -H 'content-type: application/dns-message' -vL -v 'https://doh-ch.blahdns.com/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump -C
// Kdig TLS with port 853, port 443 force include SNI (updated on July 19, 2019)
kdig example.com @108.61.201.119 +tls
kdig example.com @2001:19f0:7001:1ded:5400:1ff:fe90:945b +tls
kdig example.com @159.69.198.101 +tls
kdig example.com @2a01:4f8:1c1c:6b4b::1 +tls
kdig example.com @2a0a:e5c0:2:2:0:c8ff:fe68:bf48 +tls
kdig example.com @108.61.201.119 +tls -p 443 +tls-sni=dot-jp.blahdns.com
kdig example.com @159.69.198.101 +tls -p 443 +tls-sni=dot-de.blahdns.com
kdig example.com @2a0a:e5c0:2:2:0:c8ff:fe68:bf48 +tls +tls-sni=dot-ch.blahdns.com
// TLS certificate validation
kdig -d @2a0a:e5c0:2:2:0:c8ff:fe68:bf48 +tls-sni=dot-ch.blahdns.com +tls-ca +tls-host=dot-ch.blahdns.com example.com
kdig -d @108.61.201.119 -p 443 +tls-sni=dot-jp.blahdns.com +tls-ca +tls-host=dot-jp.blahdns.com example.com
kdig -d @2001:19f0:7001:1ded:5400:1ff:fe90:945b -p 443 +tls-sni=dot-jp.blahdns.com +tls-ca +tls-host=dot-jp.blahdns.com example.com
kdig -d @159.69.198.101 -p 443 +tls-sni=dot-de.blahdns.com +tls-ca +tls-host=dot-de.blahdns.com example.com
kdig -d @159.69.198.101 -p 443 +tls-sni=dot-de.blahdns.com +tls-ca +tls-host=dot-de.blahdns.com example.com
```
## Mac OSX Mojave use Openssl TLS 1.3
```
brew upgrade
brew install openssl@1.1
// Put openssl tls 1.3 as first choice on zsh, paste it and restart terminal
echo 'export PATH="/usr/local/opt/openssl@1.1/bin:$PATH"' >> ~/.zshrc
// Debug DoH with TLS 1.3
openssl s_client -state -debug -msg -connect doh-jp.blahdns.com:443 -tls1_3
```
## DNSSEC validation test
Use `dig` to test, this will return with header `AD`
```
dig blahdns.com +dnssec +multi
```
This will failed, should only return a `SERVFAIL`
```
dig www.dnssec-failed.org
```
## DNS alternative
### Censored DNS
1. https://doh.tiar.app/ (DoT, DoH, Dnscrypt, Singapore)
2. https://doh.dnswarden.com/adblock (DoH, Germany)
3. adblock-dot.dnswarden.com (DoT, Port: 443, 853, Germany)
4. fdns1.dismail.de (DoT, Port: 853, Germany)
5. https://dns.brahma.world/ (DoH, DoT, Plain, Port 853, India)
### Uncensored DNS
1. dot.securedns.eu, https://doh.securedns.eu/dns-query (DoT, DoH, Dnscrypt)
2. https://doh.dnswarden.com/uncensored (DoH)
3. uncensored-dot.dnswarden.com (DoT, Port: 443, 853)
4. dns-tls.openbsd.se (DoT)
5. dot1.appliedprivacy.net
6. dns.neutopia.org (DoT)
7. ns1.dnsprivacy.at, ns2.dnsprivacy.at (DoT, Dnscrypt, Port: 853)
8. dns.cmrg.net (DoT, Canada, TCP port: 853 or 443 or 53053)
9. unicast.censurfridns.dk (DoT, Denmark)
10. doh.defaultroutes.de, https://doh.defaultroutes.de/dns-query (DoT, DoH, Port: 853, Germany)
## Server Benchmark
1. [bench.sh](https://cdn.statically.io/gh/teddysun/across/master/bench.sh)
```
// Method 1 ** Recommend
wget -qO- https://oooo.b-cdn.net/bench.sh | bash
// Method 2
wget -qO- https://cdn.statically.io/gh/teddysun/across/master/bench.sh | bash
```
2. [Unixbench](https://cdn.statically.io/gh/teddysun/across/master/unixbench.sh)
```
// Method 1 ** Recommend
wget https://oooo.b-cdn.net/unixbench.sh
chmod +x unixbench.sh
./unixbench.sh
// Method 2 (If your server only has IPv6, use Method 1)
wget https://cdn.statically.io/gh/teddysun/across/master/unixbench.sh
chmod +x unixbench.sh
./unixbench.sh
```
Vultr Cloudcompute vs High frequency -- [gist](https://gist.github.com/ookangzheng/3b3494af632c19699f2cd1bb0ea1685e)

21
LICENSE Executable file
View File

@@ -0,0 +1,21 @@
MIT License
Copyright (c) 2018 Oo Kang Zheng
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

124
README.md Executable file
View File

@@ -0,0 +1,124 @@
* If you are developer using those services, both are blocked by default.
`data.mob.com, google-analytics, googleadservices, amazon-adsystem, crashlytics.com analytics.yahoo, doubleclick.net, hm.baidu.com, etc.. `
* Switzerland server is online, DoT added Port 853 (July 19, 2019) 🥂
* Germany and Japan server certs both renewed at June 25, 2019 🥳
* For more old announcements, go [here](https://github.com/ookangzheng/blahdns/issues/36)
* Chrome on Android leaking DNS, check [HERE](https://github.com/ookangzheng/blahdns/blob/master/FAQ.md) to fix.
## Our features
* Block Trackers, Ads, Malware, Phishing
* No ECS, DNSSEC ready, No logs, OpenNIC
## Server status
* Server status [UPTimeRobot](https://stats.blahdns.com) | [Dnsprivacy.org](https://dnsprivacy.org/jenkins/job/dnsprivacy-monitoring/)
## Server architecture
```bash
Server (August 2, 2019 -- Germany, Japan)
|-- Let's Encrypt SSL
<<<<<<< HEAD
|-- Knot-resolver (Rpz, OpenNIC, Icann)
=======
|-- Knot-resolver (OpenNIC, ICANN)
>>>>>>> a1b78f4... Update README.md
| |-- DNSCryptv2 (dnsdist, port 8443)
| |-- doh-server (DoH, GET, POST -- m13253)
| |-- |-- DoH (HAProxy, port 443, TLS 1.3, require SNI)
|-- DoT (HAProxy, port 853, 443, TLS 1.3, require SNI)
<<<<<<< HEAD
Server (July 29, 2019 -- Switzerland)
|-- Let's Encrypt SSL
|-- Knot-resolver (Rpz, OpenNIC, Icann)
=======
Server (August 2, 2019 -- Switzerland)
|-- Let's Encrypt SSL
|-- Knot-resolver (OpenNIC, ICANN, forward-upstream to quad9)
>>>>>>> a1b78f4... Update README.md
| |-- DNSCryptv2 (dnsdist, port 8443)
| |-- DoT (dnsdist, port 853, TLS 1.3)
| |-- DoH (dnsdist, port 443, TLS 1.3)
```
## Config file / Client
* Android DoH/DoT: [Nebulo App](https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen) | [personalDNSfilter App](https://zenz-solutions.de/personaldnsfilter/) | [Intra](https://play.google.com/store/apps/details?id=app.intra)
* iOS Dnscryptv2/DoH: [Dnscloak](https://itunes.apple.com/app/dnscloak-secure-dns-client/id1452162351)
* Dnscryptv2: [dnscrypt-proxy](https://github.com/jedisct1/dnscrypt-proxy/)
* Config files: [ Client config example ](https://github.com/ookangzheng/blahdns/tree/master/client-conf)
## Server information
- Switzerland🇨🇭(DoT, DoH, Dnscryptv2), Provider: ungleich.ch, Ipv6 only Hosting, BETA
* IP: 2a0a:e5c0:2:2:0:c8ff:fe68:bf48
* DNS-over-HTTPS:
* https://doh-ch.blahdns.com/dns-query
* IPv6: sdns://AgMAAAAAAAAAIFsyYTBhOmU1YzA6MjoyOjA6YzhmZjpmZTY4OmJmNDhdABJkb2gtY2guYmxhaGRucy5jb20KL2Rucy1xdWVyeQ
* DNS-over-TLS: dot-ch.blahdns.com, ports 853
* DNSCrypt v2, port 8443:
* IPv6: sdns://AQMAAAAAAAAAJVsyYTBhOmU1YzA6MjoyOjA6YzhmZjpmZTY4OmJmNDhdOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t
- Japan🇯🇵(DoT, DoH, Dnscryptv2), Provider: Vultr
* IP: 108.61.201.119, 2001:19f0:7001:1ded:5400:01ff:fe90:945b
* DNS-over-HTTPS:
* https://doh-jp.blahdns.com/dns-query
* IPv4 sdns://AgMAAAAAAAAADjEwOC42MS4yMDEuMTE5ABJkb2gtanAuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ
* IPv6 sdns://AgMAAAAAAAAAKVsyMDAxOjE5ZjA6NzAwMToxZGVkOjU0MDA6MDFmZjpmZTkwOjk0NWJdABJkb2gtanAuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ
* DNS-over-TLS: dot-jp.blahdns.com, ports 853, 443
* DNSCrypt v2, port 8443:
* IPv4: sdns://AQMAAAAAAAAAEzEwOC42MS4yMDEuMTE5Ojg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t
* IPv6:
sdns://AQMAAAAAAAAALlsyMDAxOjE5ZjA6NzAwMToxZGVkOjU0MDA6MDFmZjpmZTkwOjk0NWJdOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t
- Germany🇩🇪(DoT, DoH, Dnscryptv2), Provider: Hetzner
* IP: 159.69.198.101, 2a01:4f8:1c1c:6b4b::1
* DNS-over-HTTPS:
* https://doh-de.blahdns.com/dns-query
* IPv4 sdns://AgMAAAAAAAAADjE1OS42OS4xOTguMTAxABJkb2gtZGUuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ
* IPv6 sdns://AgMAAAAAAAAAF1syYTAxOjRmODoxYzFjOjZiNGI6OjFdABJkb2gtZGUuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ
* DNS-over-TLS: dot-de.blahdns.com, ports 853, 443
* DNSCrypt v2, port 8443:
* IPv4: sdns://AQMAAAAAAAAAEzE1OS42OS4xOTguMTAxOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t
* IPv6: sdns://AQMAAAAAAAAAHFsyYTAxOjRmODoxYzFjOjZiNGI6OjFdOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t
## Default blocked wildcard domain
* `*.wpad`
* `+.glassbox.+ `# https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots
* `.+(xn--).+ ` # Blocking IDN and Non-ASCii Domain name, eg: `kdig xn--80ak6aa92e.com` (apple.com)
1. https://www.reddit.com/r/pihole/comments/ap6ecf/regex_blocking_idn_and_nonascii_domain_names/
2. http://blog.netlab.360.com/idn_measurement_netlab/
3. https://github.com/mmotti/pihole-regex
## Awesome dns-resolver
https://gist.github.com/ookangzheng/c8fba46fe1dbcc8152e3231f53f91e86
## Huge thanks to those OSS and ORG
1. [Knot-resolver](https://github.com/CZ-NIC/knot-resolver)
2. [m13253](https://github.com/m13253/dns-over-https)
3. [DNSPrivacy.org](https://dnsprivacy.org)
## Site found which try to block DoH / DoT / Dnscrypt
1. https://forum.opnsense.org/index.php?PHPSESSID=s1mi1kp08r1c5lrr57rfklbtu0&topic=12238.0 (opensense)
## Disclaimer
* This is an experimental service, I'm not responsible for any down-time.
* Be sure you have agree with our [POLICY](https://github.com/ookangzheng/blahdns/#policy) before start to use.
* This service is for PERSONAL use, huge traffic are not welcome, will drop PTR, ANY by default.
* We can't block some ads with Apps inside your phone (Youtube official app Ads, Facebook app Ads, Twitter app Ads... )
## Policy
* Use at your own risk. Under no circumstances will the operator be held responsible or liable in any way for any claims, damages, losses, expenses, costs or liabilities whatsoever (including, without limitation, any direct or indirect damages for loss of profits, business interruption or loss of information) resulting or arising directly or indirectly from accessing or otherwise using this service (Blahdns server).
* The operator does not guarantee in any way the access, availability and continuity of the functioning of this service.
* By using this website and service you consent to the disclaimer and agree to its terms and conditions.
## Donate
[![paypal](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=KC33GK5CT2Q9Y&source=url)
|
<a href='https://ko-fi.com/P5P4GPQ8' target='_blank'><img height='36' style='border:0px;height:36px;' src='https://az743702.vo.msecnd.net/cdn/kofi4.png?v=0' border='0' alt='Buy Me a Coffee at ko-fi.com' /></a>

46
client-conf/DoT-or-DoH-Android.md Executable file
View File

@@ -0,0 +1,46 @@
## DoT and DoH on Android
### Solution 1 with Nebulo app
1. Use app [Nebulo](https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen)
2. Follow tutorial down below to setup blahdns
1. Manually type or download a server config file from [HERE](https://smokescreen.app/servers/adblockers)
**DoH**
<img src="https://github.com/ookangzheng/blahdns/raw/master/client-conf/img-source/nebulo-doh.jpg" alt="Your image title" width="250"/>
**DoT**
<img src="https://github.com/ookangzheng/blahdns/raw/master/client-conf/img-source/nebulo-dot.jpg" alt="Your image title" width="250"/>
### Solution 2 with personalDNSfilter app (Android)
App download: [https://zenz-solutions.de/personaldnsfilter](https://zenz-solutions.de/personaldnsfilter)
**Config file**
```
[2001:19f0:7001:1ded:5400:01ff:fe90:945b]::853::DoT
108.61.201.119::853::DoT
[2001:19f0:7001:1ded:5400:01ff:fe90:945b]::443::DoH::https://doh-jp.blahdns.com/dns-query
108.61.201.119::443::DoH::https://doh-jp.blahdns.com
```
<img src="https://github.com/ookangzheng/blahdns/raw/master/client-conf/img-source/personal-dnsfilter-1.jpg" alt="Your image title" width="250"/>
<img src="https://github.com/ookangzheng/blahdns/raw/master/client-conf/img-source/personal-dns-filter2.jpg" alt="Your image title" width="250"/>
### Solution 3 Android Pie
For Android 9 Pie user, Go to Setting -> Wi-Fi -> Private DNS
<img src="http://m.psyself.com/content/images/2018/08/Screenshot_20180807-102253-1.png" alt="Your image title" width="250"/>

105
client-conf/README.md Executable file
View File

@@ -0,0 +1,105 @@
## Android DoT / DoH config
Go [HERE](https://github.com/ookangzheng/blahdns/blob/master/client-conf/DoT-or-DoH-Android.md)
## Dnscrypt-proxy
Go [HERE](https://github.com/ookangzheng/blahdns/tree/master/client-conf/dnscrypt)
## Knot-resolver
```bash
-- Load useful modules
modules = {
'policy',
'hints > iterate', -- Load /etc/hosts and allow custom root hints
-- 'stats', -- Track internal statistics
-- 'predict', -- Prefetch expiring/frequent records
}
net.listen({'::1', '127.0.0.1'}, 53)
-- Cache size
cache.size = 100 * MB
-- To disable DNSSEC validation, uncomment the following line (not recommended)
trust_anchors.remove('.')
-- Forward queries to Blahdns
policy.add(policy.all(policy.TLS_FORWARD({{'159.69.198.101@443', hostname='dot-de.blahdns.com', ca_file='/etc/ssl/certs/ca-certificates.crt'}})))
policy.add(policy.all(policy.TLS_FORWARD({{'108.61.201.119@853', hostname='dot-jp.blahdns.com', ca_file='/etc/ssl/certs/ca-certificates.crt'}})))
policy.add(policy.all(policy.TLS_FORWARD({{'2a0a:e5c0:2:2:0:c8ff:fe68:bf48@853', hostname='dot-ch.blahdns.com', ca_file='/etc/ssl/certs/ca-certificates.crt'}})))
```
## Unbound
```bash
# /etc/unbound/unbound.conf
include: "/etc/unbound/unbound.conf.d/*.conf"
verbosity: 1
tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"
interface: 127.0.0.1@53
interface: 0::1@53
harden-dnssec-stripped: no # disable DNSSEC
do-not-query-localhost: no
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 2a0a:e5c0:2:2:0:c8ff:fe68:bf48@853#dot-ch.blahdns.com
forward-addr: 108.61.201.119@853#dot-jp.blahdns.com
forward-addr: 2001:19f0:7001:1ded:5400:1ff:fe90:945b@443#dot-jp.blahdns.com
forward-addr: 159.69.198.101@853#dot-de.blahdns.com
forward-addr:2a01:4f8:1c1c:6b4b::1@443#dot-de.blahdns.com
#forward-addr: 116.203.70.156@443#uncensored-dot.dnswarden.com
```
## Stubby
Go [HERE](https://github.com/ookangzheng/blahdns/tree/master/client-conf/stubby)
## Windows
Simplednscrypt -> https://simplednscrypt.org/ and install
![](https://github.com/ookangzheng/blahdns/raw/master/client-conf/img-source/blahdns-1.png?raw=true)
![](https://github.com/ookangzheng/blahdns/raw/master/client-conf/img-source/blahdns-2.png?raw=true)
## Kdig
```bash
kdig google.com @dot-jp.blahdns.com +tls
```
## getdns
```bash
sudo apt install getdns-utils
getdns_query @108.61.201.119 -s -L -A www.google.com
```
## Curl
```bash
curl -H 'accept: application/dns-json' 'https://doh-jp.blahdns.com/dns-query?name=www.google.com&type=A'
```
## Facebook python doh-proxy
```bash
sudo apt install python3-pip python3-setuptools python3-wheel
sudo -H pip3 install doh-proxy
doh-client --domain doh-jp.blahdns.com --qname google.com --qtype A
```
## Linux-systemd
```bash
nano /etc/systemd/resolved.conf
DNS=108.61.201.119 159.69.198.101
DNSOverTLS=opportunistic
// Save and restart service
sudo systemctl restart systemd-resolved
// Check settings
resolvectl status
resolvectl query dot-jp.blahdns.com -t A
```

44
client-conf/dnscrypt/dnscrypt-proxy.toml Executable file
View File

@@ -0,0 +1,44 @@
# Updated on July 19, 2019
server_names = ['blahdns-ch-doh-v6', 'blahdns-ch-dnscrypt-v6', 'blahdns-jp-doh','blahdns-de-doh','blahdns-jp-dnscrypt-v4','blahdns-de-dnscrypt-v4']
listen_addresses = ['127.0.0.1:53', '[::1]:53']
max_clients = 250
force_tcp = false
timeout = 2000
keepalive = 30
# Load-balancing strategy: 'p2' (default), 'ph', 'fastest' or 'random'
lb_strategy = 'p2'
fallback_resolver = '9.9.9.9:53'
ignore_system_dns = false
netprobe_timeout = 30
cache = false
cache_size = 512
cache_min_ttl = 90
cache_max_ttl = 1800
cache_neg_min_ttl = 2
cache_neg_max_ttl = 6
[static]
[static.'blahdns-ch-doh-v6']
stamp = 'sdns://AgMAAAAAAAAAIFsyYTBhOmU1YzA6MjoyOjA6YzhmZjpmZTY4OmJmNDhdABJkb2gtY2guYmxhaGRucy5jb20KL2Rucy1xdWVyeQ'
[static.'blahdns-ch-dnscrypt-v6']
stamp = 'sdns://AQMAAAAAAAAAJVsyYTBhOmU1YzA6MjoyOjA6YzhmZjpmZTY4OmJmNDhdOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t'
[static.'blahdns-jp-doh']
stamp = 'sdns://AgMAAAAAAAAADjEwOC42MS4yMDEuMTE5ABJkb2gtanAuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ'
[static.'blahdns-jp-doh-v6']
stamp = 'sdns://AgMAAAAAAAAAKVsyMDAxOjE5ZjA6NzAwMToxZGVkOjU0MDA6MDFmZjpmZTkwOjk0NWJdABJkb2gtanAuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ'
[static.'blahdns-jp-dnscrypt-v4']
stamp = 'sdns://AQMAAAAAAAAAEzEwOC42MS4yMDEuMTE5Ojg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t'
[static.'blahdns-jp-dnscrypt-v6']
stamp = 'sdns://AQMAAAAAAAAALlsyMDAxOjE5ZjA6NzAwMToxZGVkOjU0MDA6MDFmZjpmZTkwOjk0NWJdOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t'
[static.'blahdns-de-doh']
stamp = 'sdns://AgMAAAAAAAAADjE1OS42OS4xOTguMTAxABJkb2gtZGUuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ'
[static.'blahdns-de-doh-v6']
stamp = 'sdns://AgMAAAAAAAAAF1syYTAxOjRmODoxYzFjOjZiNGI6OjFdABJkb2gtZGUuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ'
[static.'blahdns-de-dnscrypt-v4']
stamp = 'sdns://AQMAAAAAAAAAEzE1OS42OS4xOTguMTAxOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t'
[static.'blahdns-de-dnscrypt-v6']
stamp = 'sdns://AQMAAAAAAAAAHFsyYTAxOjRmODoxYzFjOjZiNGI6OjFdOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t'

BIN
client-conf/img-source/._nebulo-doh.jpg Executable file
View File

Binary file not shown.

BIN
client-conf/img-source/._nebulo-dot.jpg Executable file
View File

Binary file not shown.

BIN
client-conf/img-source/blahdns-1.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 138 KiB

BIN
client-conf/img-source/blahdns-2.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 272 KiB

BIN
client-conf/img-source/disable-async-dns-on-android-chrome.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 33 KiB

BIN
client-conf/img-source/nebulo-doh.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 46 KiB

BIN
client-conf/img-source/nebulo-dot.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 43 KiB

BIN
client-conf/img-source/personal-dns-filter2.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 72 KiB

BIN
client-conf/img-source/personal-dnsfilter-1.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 62 KiB

13
client-conf/stubby/README.md Executable file
View File

@@ -0,0 +1,13 @@
# MacOS guide
Install: `brew install stubby `
Restart: `sudo brew services restart stubby`
Check log: `sudo tail -f /usr/local/var/log/stubby/stubby.log`
Stubby dir: `/usr/local/etc/stubby`
Stubby config example: [HERE](https://github.com/getdnsapi/stubby/blob/develop/stubby.yml.example)
For more about Stubby, [HERE](https://dnsprivacy.org/wiki/pages/viewpage.action?pageId=3145812)

83
client-conf/stubby/stubby.yml Executable file
View File

@@ -0,0 +1,83 @@
## TLS_pubkey_pinset updated on July 19, 2019
## expires `2019-09-23 07:04:40 UTC'
resolution_type: GETDNS_RESOLUTION_STUB
dns_transport_list:
- GETDNS_TRANSPORT_TLS
tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
tls_query_padding_blocksize: 128
edns_client_subnet_private: 0
round_robin_upstreams: 1
tls_connection_retries: 2
idle_timeout: 10000
timeout: 2000
listen_addresses:
#- 127.0.0.1
#- 0::1
- 127.0.0.1@54
- 0::1@54
upstream_recursive_servers:
- address_data: 2a0a:e5c0:2:2:0:c8ff:fe68:bf48
tls_port: 853
tls_auth_name: "dot-ch.blahdns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: i1jLFbRK0/Aj/eQO4qxG6SqlJOCf70zwJb3z7JDFyPs=
- address_data: 108.61.201.119
tls_port: 443
tls_auth_name: "dot-jp.blahdns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: psuldEImRyeSkU88b2ORtiNQ2uBdo+RCwAw6SxaJWQ4=
- address_data: 108.61.201.119
tls_port: 853
tls_auth_name: "dot-jp.blahdns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: psuldEImRyeSkU88b2ORtiNQ2uBdo+RCwAw6SxaJWQ4=
- address_data: 159.69.198.101
tls_port: 443
tls_auth_name: "dot-de.blahdns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: RzMGlPVE8DlsiA9DQRuW9CoVkwFBjS8j+we5PZ3eE0c=
- address_data: 159.69.198.101
tls_port: 853
tls_auth_name: "dot-de.blahdns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: RzMGlPVE8DlsiA9DQRuW9CoVkwFBjS8j+we5PZ3eE0c=
- address_data: 2001:19f0:7001:1ded:5400:01ff:fe90:945b
tls_port: 443
tls_auth_name: "dot-jp.blahdns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: psuldEImRyeSkU88b2ORtiNQ2uBdo+RCwAw6SxaJWQ4=
- address_data: 2001:19f0:7001:1ded:5400:01ff:fe90:945b
tls_port: 853
tls_auth_name: "dot-jp.blahdns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: psuldEImRyeSkU88b2ORtiNQ2uBdo+RCwAw6SxaJWQ4=
- address_data: 2a01:4f8:1c1c:6b4b::1
tls_port: 443
tls_auth_name: "dot-de.blahdns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: RzMGlPVE8DlsiA9DQRuW9CoVkwFBjS8j+we5PZ3eE0c=
- address_data: 2a01:4f8:1c1c:6b4b::1
tls_port: 853
tls_auth_name: "dot-de.blahdns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: RzMGlPVE8DlsiA9DQRuW9CoVkwFBjS8j+we5PZ3eE0c=

28
client-conf/stunnel.md Executable file
View File

@@ -0,0 +1,28 @@
## Stunnel
stunnel is an open-source multi-platform application used to provide a universal TLS/SSL tunneling service. stunnel can be used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively.
```bash
$ sudo apt install stunnel4
$ sudo sed -i -e "s/ENABLED=0/ENABLED=1/" /etc/default/stunnel4
cd /etc/stunnel
nano blahdns.conf
// blahdns.conf
debug = err
[blahdns-dns]
client = yes
accept = 127.0.0.1:5353
connect = 108.61.201.119:853 #Japan
# connect = 159.69.198.101:853 #Germany
verifyChain = yes
CApath = /etc/ssl/certs
checkHost = dot-jp.blahdns.com
# checkHost = dot-de.blahdns.com
````
### Test
```bash
dig @127.0.0.1 -p 5353 www.google.com +tcp
```

86
hosts/README.md Executable file
View File

@@ -0,0 +1,86 @@
## Hosts
* [Blahdns RPZ](https://raw.githubusercontent.com/ookangzheng/blahdns/master/hosts/rpz.blacklist) `(CC BY-NC-SA 4.0)
` designed for KNOT, Bind9, PowerDNS.
* Mobile version
* [dblmobile.oisd.nl wildcard](https://dblmobile.oisd.nl)
* [1hos.cf Mini](https://1hos.cf/mini)
* [1hos.cf](https://1hos.cf)
* [Blockconvert](https://raw.githubusercontent.com/mkb2091/blockconvert/master/output/hosts.txt)
* [280Blocker-JP](https://280blocker.net/files/280blocker_domain.txt)
* [hblock hosts](https://hblock.molinero.xyz/hosts)
* Mobile Adblock clients: [Blokada](https://github.com/blokadaorg/blokada) | [DNS66](https://github.com/julian-klode/dns66) | [pDNSf](https://zenz-solutions.de/personaldnsfilter) | [Nebulo](https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen&hl=en_US) | [Adhell](https://play.google.com/store/apps/details?id=com.getadhell.androidapp&hl=en_US) | [DNSCloak(ios)](https://apps.apple.com/us/app/dnscloak-secure-dns-client/id1452162351)
* [Content farm hosts](https://raw.githubusercontent.com/ookangzheng/blahdns/master/hosts/contentfarms.host)
* [Whitelist](https://raw.githubusercontent.com/ookangzheng/blahdns/master/hosts/whitelist.txt)
* [Blacklist](https://raw.githubusercontent.com/ookangzheng/blahdns/master/hosts/blacklist.txt)
## Other Adblock projects
**RPZ**
* [Blockconvert RPZ](https://raw.githubusercontent.com/mkb2091/blockconvert/master/output/domains.rpz)
* [hBlock RPZ](https://hblock.molinero.dev/hosts_rpz.txt)
**Unbound**
* [hBlock Unbound](https://hblock.molinero.dev/hosts_unbound.conf)
**DNSmasq**
* [hBlock dnsmasq](https://hblock.molinero.dev/hosts_dnsmasq.conf)
* [notracking](https://github.com/notracking/hosts-blocklists)
**uBlockOrigin/Abp rules
* [blockconvert](https://raw.githubusercontent.com/mkb2091/blockconvert/master/output/adblock.txt)
* [hBlock](https://hblock.molinero.dev/hosts_adblock.txt)
**Whitelist**
* [Blockconvert whitelist](https://raw.githubusercontent.com/mkb2091/blockconvert/master/output/whitelist_domains.txt)
## Source use on Blahdns
**Updated on July 29, 2019**
### All-in-one
* https://1hos.cf/Pro
* https://dbl.oisd.nl/
* https://hblock.molinero.xyz/hosts
* https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling/hosts
* https://raw.githubusercontent.com/vokins/yhosts/master/hosts.txt
### Malware / Phishing
* https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt
* https://phishing.army/download/phishing_army_blocklist.txt
* http://theantisocialengineer.com/AntiSocial_Blacklist_Community_V1.txt
* https://raw.githubusercontent.com/r-a-y/mobile-hosts/master/AdguardMobileSpyware.txt
### Ads & Tracker
* https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt
* https://www.squidblacklist.org/downloads/dg-ads.acl
* https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt
* https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Hosts/GoodbyeAds.txt
* https://github.com/jawz101/MobileAdTrackers/blob/master/hosts
* https://raw.githubusercontent.com/quidsup/notrack/master/trackers.txt
* https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt
* https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/android-tracking.txt
* https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt
### Torrent - Not included
* https://tspprs.com/dl/torrent
* https://github.com/ngosang/trackerslist/blob/master/trackers_all.txt
* https://github.com/ngosang/trackerslist/blob/master/blacklist.txt
## Related awesome projects
1. https://github.com/notracking/hosts-blocklists (dnsmasq)
2. https://github.com/oznu/dns-zone-blacklist (nxdomain)
3. https://github.com/anudeepND/blacklist/ (blacklist)
4. https://github.com/anudeepND/whitelist (whitelist)
5. https://www.reddit.com/comments/9xwwwy (DBL all in one)
6. https://github.com/maravento/blackweb
7. https://github.com/gaenserich/hostsblock (Linux hosts only)
8. https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist
9. https://phishing.army/
10. https://github.com/maravento/blackweb (Squid cache)

325
hosts/blacklist.txt Executable file
View File

@@ -0,0 +1,325 @@
## This blacklist maintaince by @ookangzheng
## Attribution-NonCommercial 4.0 International (CC BY-NC-SA 4.0)
# Manhuaren.com - android comic app
logger.c1oudmobi.net
tkup.uparpu.com
# luckyorange.net -- Dynamic web recording user heat map and behaviour
settings.luckyorange.net # https://www.editage.com.tw/inquire.html use it to track user
# notifyvisitors.com # web site heat map
analytics.notifyvisitors.com
cdn.notifyvisitors.com
#Japan i-mobile ad fraud
spcdnresource-akcf.i-mobile.co.jp
# Leapmobs ads tracking
clk.cpi.leapmobs.com
# Samsung knox
analytics.samsungknox.com
# Vizio.com
rlog_sem.vizio.com #https://www.reddit.com/r/pihole/comments/aytpge/excessive_dns_queries_to_rlog_semviziocom/
# www.bostonglobe.com
meter.bostonglobe.com
c.amazon-adsystem.com
connect.facebook.com
cdn.krxd.net
dz9qn8fh4jznm.cloudfront.net
# 蘋果日報
useg.nextdigital.com.hk
lptag.liveperson.net
imp.appledaily.com
# EttToday
wurfl.io
ad.ettoday.net
# mob.com
l.gm.mob.com
api.applink.mob.com
f.gm.mob.com
# XiaoMi ads tracker https://gist.github.com/yalu/3113699c7c4d1daee11ade977d93049b
app-analytics-us.huami.com
app-analytics-india.huami.com
ad.state.mi.us
tastesk.net
api.ad.xiaomi.com
api.admob.xiaomi.com
api.d.xiaomi.com
a.stat.xiaomi.com
tracking.miui.com
cdn.ad.xiaomi.com
data.mistat.xiaomi.com
e.ad.xiaomi.com
globalapi.ad.xiaomi.com
new.api.ad.xiaomi.com
sdkconfig.ad.xiaomi.com
ssp.ad.xiaomi.com
test.ad.xiaomi.com
test.e.ad.xiaomi.com
test.new.api.ad.xiaomi.com
cc.sys.intl.xiaomi.com
cc.sys.miui.com
ccc.sys.miui.com
ccc.sys.intl.xiaomi.com
data.mistat.intl.xiaomi.com
adv.sec.miui.com
geofence.sys.miui.com
abtest.mistat.xiaomi.com
logupdate.avlyun.sec.miui.com
mazu.sec.miui.com
feedback.miui.com
data.sec.miui.com
data.mistat.intl.xiaomi.com
# 看漫畫 Android comic viewer app
api.adthor.com # show ads on mahuaren.com android ads (outside china, singapore server)
api.zcoup.com
sdk.adtiming.com
ad.sitemaji.com
logger.zcoup.com
ulogs.umeng.com
userdata.andrcool.com
ad4.com.cn
static.youappi.com
# CERT Vulnerability (#598349)
wpad.example.com
# Chinese tracker
discuz.gtimg.cn
hao.360.cn
ip.ia22.com
l.ad4.com.cn
log.sina.cn
log.tbs.qq.com
main.exoclick.com
mathtype.cn
sa.tuisong.baidu.com
sa1.tuisong.baidu.com
# APP tracker
api.branch.io
api.segment.io
cdn.segment.com
onesignal.com
api.mixpanel.com
go.ero-advertising.com
www.eroadvertising.com
# Panda.tv
aplay.wan.panda.tv
caesar.wan.panda.tv
play.wan.panda.tv
wan.panda.tv
# 斗鱼
g.wan.douyu.com
cdn.g.wan.douyu.com
# ggsafe.com
wifi.ggsafe.com
# 游族的公司投放页游广告
v3m.youzu.com
# Unlisted
adver7.clickmon.co.kr
adver11.clickmon.co.kr
e5019.e2.akamaiedge.net
wahaha.work
notify.zhushou.sogou.com
i10c.net
ad2iction.com
adcl.pchome.com.tw
ads.yap.yahoo.com
appier.net
appsflyer.com
gemini.yahoo.com
dable.io
doublemax.net
s.zimedia.com.tw
popin.cc
r.search.yahoo.com
securegfm.com
tenmax.io
# Mostly Microsoft telemetry, spying smartTVs, IG/Facebook trackers, analytics, and mobile app analytics. Google Ads, Amazon Ads, and MoatAds
trk.pinterest.com
v10.vortex-win.data.microsoft.com
settings-win.data.microsoft.com
redirector.gvt1.com
watson.telemetry.microsoft.com
win1710.ipv6.microsoft.com
device-api.urbanairship.com
littlefield.logs.roku.com
ichnaea.netflix.com
mss.handmark.com
scribe.logs.roku.com
cooper.logs.roku.com
e.reddit.com
mobile.pipe.aria.microsoft.com
cdn.samsungcloudsolution.com
mobile-collector.newrelic.com
log-ingestion.samsungacr.com
graph.instagram.com
ssl.google-analytics.com
video-stats.l.google.com
cdn-content.ampproject.org
googleads.g.doubleclick.net
e.crashlytics.com
www.googleadservices.com
nexus.officeapps.live.com
z.moatads.com
settings.crashlytics.com
v10.events.data.microsoft.com
combine.urbanairship.com
mads.amazon.com
secure-dcr-cert.imrworldwide.com
app.adjust.com
graph.accountkit.com
pagead2.googlesyndication.com
pubads.g.doubleclick.net
secure-dcr.imrworldwide.com
reports.crashlytics.com
watson.telemetry.microsoft.com
control2.tvinteractive.tv
i10c.net
ad2iction.com
adcl.pchome.com.tw
ads.yap.yahoo.com
appier.net
appsflyer.com
gemini.yahoo.com
dable.io
doublemax.net
s.zimedia.com.tw
popin.cc
r.search.yahoo.com
securegfm.com
tenmax.io
adver10.clickmon.co.kr
littlefield.logs.roku.com
s.amazon-adsystem.com
nexusrules.officeapps.live.com
sb.scorecardresearch.com
www.google-analytics.com
config2.mparticle.com
pbcde.com
m-shes.ru
pl14960438.pvclouds.com
adsbb.depositfiles.com
sb.scorecardresearch.com
ads.exdynsrv.com
bj1110.online
wpad.example.com
2ip.ru
sky.2ip.ru
syndication.twitter.com
sp2.baidu.com
m.henxg.cn
m.lsiwd.cn
photo.0234408.cn
staticxx.facebook.com
photo.yingtaiboli.cn
yingtaiboli.cn
m.syxsa.cn
m.sdfvk.cn
# Akamai DNS tools
# https://developer.akamai.com/blog/2018/05/10/introducing-new-whoami-tool-dns-resolver-information
# whoami.akamai.net # will block and discontinue, pls use whoami.ds.akahelp.net
# Others
log.quora.com
count-server.sharethis.com
data.sharethis.com
ead.sharethis.com
edge.sharethis.com
emu.sharethis.com
engineering.sharethis.com
kiwi.sharethis.com
l.sharethis.com
platform-api.sharethis.com
px.sharethis.com
pxcel.sharethis.com
rest.sharethis.com
s.sharethis.com
sad.sharethis.com
sd.sharethis.com
seg.sharethis.com
t.sharethis.com
w.sharethis.com
wd.sharethis.com
wd-edge.sharethis.com
ws.sharethis.com
sharethis.com
capture.trackjs.com
cdn.trackjs.com
my.trackjs.com
usage.trackjs.com
trackjs.com
hcs084epsepa004.som.ad.state.mi.us
mx-gw.floraa.wales
bv4p.xgx3f3588.com
xgx3f3588.com
a9v8.cn
c.y.qq.com
play.aniview.com
ssp.lkgd.net
ads.stickyadstv.com
algovid.com
ssp.streamrail.net
v.algovid.com
events.streamrail.net
predictionai.com
duologinsupersdk.ewan.cn
engagethepower.org
analytics.localytics.com
dr.sg.baidu.com
useg.nextdigital.com.hk
lptag.liveperson.net
imp.appledaily.com
meter.bostonglobe.com
dz9qn8fh4jznm.cloudfront.net
rlog_sem.vizio.com
analytics.samsungknox.com
clk.cpi.leapmobs.com
a6709203f34992a5095d2bc7ceaf2ec504f651a8.cws.conviva.com
lap-click.tr.line.me
vj.quanjingpay.com
www.r1oman.com
kenzz9.xyz
m.bchchk.cn
m.drrcns.cn
drrcns.cn
api.zhy333.com
m.yyfymj.com
m.bihutg.com
m.zhaibei112.top
www.khlgauqt2000.com
m.fexiaen.com
e.oul78c.cn
abs.ireaderm.net
api.ireaderm.net
logger.suibyuming.com
# Report from user
## by Eden
appgiftwall.oss-us-west-1.aliyuncs.com
www.bjhdrx.com
www.qcoldtui1999.com
www.victory1999.com
www.tuigang1999.com
dartmotif.net
ssv.admost.com
mobile.admost.com
adserver.admost.com
api.admost.com

4488
hosts/contentfarms.host Executable file
View File

File diff suppressed because it is too large Load Diff

10
hosts/convert.py Executable file
View File

@@ -0,0 +1,10 @@
import os
inputFile = "gravity.list"
outputFile = "rpz.blacklist"
with open(inputFile, 'r') as f: # load file
lines = f.read().splitlines() # read lines
os.remove("rpz.blacklist")
with open(outputFile, 'w') as f:
f.write('\n'.join([line + ' CNAME .' for line in lines]))

686
hosts/custom-list.txt Executable file
View File

@@ -0,0 +1,686 @@
#######################################
# https://gist.github.com/opus-x/3e673a9d5db2a214df05929a4eee6a57
#######################################
# BLOCK THE FOLLOWING SPOTIFY SERVERS #
#######################################
0.0.0.0 adeventtracker.spotify.com
0.0.0.0 ads-akp.spotify.com
0.0.0.0 audio-ak.spotify.com
0.0.0.0 audio-akp.spotify.com
0.0.0.0 analytics.spotify.com
0.0.0.0 assets.spotify.com
0.0.0.0 audio-cf.spotify.com
0.0.0.0 audio-fa.spotify.com
0.0.0.0 audio-fab.spotify.com
0.0.0.0 audio-fac-spotify.com
0.0.0.0 audio-gc.scdn.co
0.0.0.0 audio-gc.spotify.com
0.0.0.0 crashdump.spotify.com
0.0.0.0 crashdump.ciqe-gslb.spotify.com
0.0.0.0 heads-ak.spotify.com
0.0.0.0 heads-akp.spotify.com
0.0.0.0 heads-cf.spotify.com
0.0.0.0 heads-fa.scdn.co
0.0.0.0 heads-fa.spotify.com
0.0.0.0 heads-fab.spotify.com
0.0.0.0 heads-fac.spotify.com
0.0.0.0 links.spotify.com
0.0.0.0 log.spotify.com
0.0.0.0 log2.spotify.com
0.0.0.0 mp3ad.scdn.co
0.0.0.0 partner-service.spotify.com
0.0.0.0 partner-service-testing.spotify.com
0.0.0.0 payment-callback.spotify.com
0.0.0.0 pci.spotify.com
0.0.0.0 pixel.spotify.com
0.0.0.0 upgrade.scdn.co # optional
0.0.0.0 upgrade.spotify.com # optional
0.0.0.0 video-fa.scdn.co
0.0.0.0 video-fa.cdn.spotify.com
0.0.0.0 video-fa-b.cdn.spotify.com
######################################
# BLOCK THE FOLLOWING AKAMAI SERVERS #
######################################
0.0.0.0 audio-ak-spotify-com.akamaized.net
0.0.0.0 audio-ake.spotify.com.edgesuite.net
0.0.0.0 audio-akp-spotify-com.akamaized.net
0.0.0.0 audio-ak.spotify.com.edgesuite.net
0.0.0.0 audio-akp.spotify.com.edgesuite.net
0.0.0.0 audio4-ak.spotify.com.edgesuite.net
0.0.0.0 audio4-akp.spotify.com.edgesuite.net
0.0.0.0 audio-ak.spotify.com.eip.akadns.net
0.0.0.0 eip-onnet.audio-ak.spotify.com.akahost.net
0.0.0.0 eip-tata.audio-ak.spotify.com.akahost.net
0.0.0.0 eip-ntt.audio-ak.spotify.com.akahost.net
0.0.0.0 event.spotxchange.com
0.0.0.0 heads-ak.spotify.com.edgesuite.net
0.0.0.0 heads-akp.spotify.com.edgesuite.net
0.0.0.0 heads4-ak.spotify.com.edgesuite.net
0.0.0.0 heads4-akp.spotify.com.edgesuite.net
0.0.0.0 search.spotxchange.com
0.0.0.0 sync.search.spotxchange.com
0.0.0.0 spotxchange.com
0.0.0.0 www.spotx.tv
0.0.0.0 00.video-ak.cdn.spotify.com
0.0.0.0 01.video-ak.cdn.spotify.com
0.0.0.0 02.video-ak.cdn.spotify.com
0.0.0.0 03.video-ak.cdn.spotify.com
0.0.0.0 04.video-ak.cdn.spotify.com
0.0.0.0 05.video-ak.cdn.spotify.com
0.0.0.0 06.video-ak.cdn.spotify.com
0.0.0.0 07.video-ak.cdn.spotify.com
0.0.0.0 08.video-ak.cdn.spotify.com
0.0.0.0 09.video-ak.cdn.spotify.com
0.0.0.0 10.video-ak.cdn.spotify.com
0.0.0.0 11.video-ak.cdn.spotify.com
0.0.0.0 12.video-ak.cdn.spotify.com
0.0.0.0 13.video-ak.cdn.spotify.com
0.0.0.0 14.video-ak.cdn.spotify.com
0.0.0.0 15.video-ak.cdn.spotify.com
0.0.0.0 16.video-ak.cdn.spotify.com
0.0.0.0 17.video-ak.cdn.spotify.com
0.0.0.0 18.video-ak.cdn.spotify.com
0.0.0.0 19.video-ak.cdn.spotify.com
0.0.0.0 1a.video-ak.cdn.spotify.com
0.0.0.0 1b.video-ak.cdn.spotify.com
0.0.0.0 1c.video-ak.cdn.spotify.com
0.0.0.0 1d.video-ak.cdn.spotify.com
0.0.0.0 1e.video-ak.cdn.spotify.com
0.0.0.0 1f.video-ak.cdn.spotify.com
0.0.0.0 20.video-ak.cdn.spotify.com
0.0.0.0 21.video-ak.cdn.spotify.com
0.0.0.0 22.video-ak.cdn.spotify.com
0.0.0.0 23.video-ak.cdn.spotify.com
0.0.0.0 24.video-ak.cdn.spotify.com
0.0.0.0 25.video-ak.cdn.spotify.com
0.0.0.0 26.video-ak.cdn.spotify.com
0.0.0.0 27.video-ak.cdn.spotify.com
0.0.0.0 28.video-ak.cdn.spotify.com
0.0.0.0 29.video-ak.cdn.spotify.com
0.0.0.0 2a.video-ak.cdn.spotify.com
0.0.0.0 2b.video-ak.cdn.spotify.com
0.0.0.0 2c.video-ak.cdn.spotify.com
0.0.0.0 2d.video-ak.cdn.spotify.com
0.0.0.0 2e.video-ak.cdn.spotify.com
0.0.0.0 2f.video-ak.cdn.spotify.com
0.0.0.0 30.video-ak.cdn.spotify.com
0.0.0.0 31.video-ak.cdn.spotify.com
0.0.0.0 32.video-ak.cdn.spotify.com
0.0.0.0 33.video-ak.cdn.spotify.com
0.0.0.0 34.video-ak.cdn.spotify.com
0.0.0.0 35.video-ak.cdn.spotify.com
0.0.0.0 36.video-ak.cdn.spotify.com
0.0.0.0 37.video-ak.cdn.spotify.com
0.0.0.0 38.video-ak.cdn.spotify.com
0.0.0.0 39.video-ak.cdn.spotify.com
0.0.0.0 3a.video-ak.cdn.spotify.com
0.0.0.0 3b.video-ak.cdn.spotify.com
0.0.0.0 3c.video-ak.cdn.spotify.com
0.0.0.0 3d.video-ak.cdn.spotify.com
0.0.0.0 3e.video-ak.cdn.spotify.com
0.0.0.0 3f.video-ak.cdn.spotify.com
0.0.0.0 40.video-ak.cdn.spotify.com
0.0.0.0 41.video-ak.cdn.spotify.com
0.0.0.0 42.video-ak.cdn.spotify.com
0.0.0.0 43.video-ak.cdn.spotify.com
0.0.0.0 44.video-ak.cdn.spotify.com
0.0.0.0 45.video-ak.cdn.spotify.com
0.0.0.0 46.video-ak.cdn.spotify.com
0.0.0.0 47.video-ak.cdn.spotify.com
0.0.0.0 48.video-ak.cdn.spotify.com
0.0.0.0 49.video-ak.cdn.spotify.com
0.0.0.0 4a.video-ak.cdn.spotify.com
0.0.0.0 4b.video-ak.cdn.spotify.com
0.0.0.0 4c.video-ak.cdn.spotify.com
0.0.0.0 4d.video-ak.cdn.spotify.com
0.0.0.0 4e.video-ak.cdn.spotify.com
0.0.0.0 4f.video-ak.cdn.spotify.com
0.0.0.0 50.video-ak.cdn.spotify.com
0.0.0.0 51.video-ak.cdn.spotify.com
0.0.0.0 52.video-ak.cdn.spotify.com
0.0.0.0 53.video-ak.cdn.spotify.com
0.0.0.0 54.video-ak.cdn.spotify.com
0.0.0.0 55.video-ak.cdn.spotify.com
0.0.0.0 56.video-ak.cdn.spotify.com
0.0.0.0 64.video-ak.cdn.spotify.com
0.0.0.0 6d.video-ak.cdn.spotify.com
0.0.0.0 6e.video-ak.cdn.spotify.com
0.0.0.0 6f.video-ak.cdn.spotify.com
0.0.0.0 70.video-ak.cdn.spotify.com
0.0.0.0 71.video-ak.cdn.spotify.com
0.0.0.0 72.video-ak.cdn.spotify.com
0.0.0.0 73.video-ak.cdn.spotify.com
0.0.0.0 74.video-ak.cdn.spotify.com
0.0.0.0 75.video-ak.cdn.spotify.com
0.0.0.0 76.video-ak.cdn.spotify.com
0.0.0.0 77.video-ak.cdn.spotify.com
0.0.0.0 78.video-ak.cdn.spotify.com
0.0.0.0 79.video-ak.cdn.spotify.com
0.0.0.0 7a.video-ak.cdn.spotify.com
0.0.0.0 7b.video-ak.cdn.spotify.com
0.0.0.0 7c.video-ak.cdn.spotify.com
0.0.0.0 7d.video-ak.cdn.spotify.com
0.0.0.0 7e.video-ak.cdn.spotify.com
0.0.0.0 7f.video-ak.cdn.spotify.com
0.0.0.0 80.video-ak.cdn.spotify.com
0.0.0.0 81.video-ak.cdn.spotify.com
0.0.0.0 82.video-ak.cdn.spotify.com
0.0.0.0 83.video-ak.cdn.spotify.com
0.0.0.0 84.video-ak.cdn.spotify.com
0.0.0.0 85.video-ak.cdn.spotify.com
0.0.0.0 86.video-ak.cdn.spotify.com
0.0.0.0 87.video-ak.cdn.spotify.com
0.0.0.0 88.video-ak.cdn.spotify.com
0.0.0.0 89.video-ak.cdn.spotify.com
0.0.0.0 8a.video-ak.cdn.spotify.com
0.0.0.0 8b.video-ak.cdn.spotify.com
0.0.0.0 8c.video-ak.cdn.spotify.com
0.0.0.0 8d.video-ak.cdn.spotify.com
0.0.0.0 8e.video-ak.cdn.spotify.com
0.0.0.0 8f.video-ak.cdn.spotify.com
0.0.0.0 90.video-ak.cdn.spotify.com
0.0.0.0 91.video-ak.cdn.spotify.com
0.0.0.0 92.video-ak.cdn.spotify.com
0.0.0.0 93.video-ak.cdn.spotify.com
0.0.0.0 94.video-ak.cdn.spotify.com
0.0.0.0 95.video-ak.cdn.spotify.com
0.0.0.0 96.video-ak.cdn.spotify.com
0.0.0.0 97.video-ak.cdn.spotify.com
0.0.0.0 98.video-ak.cdn.spotify.com
0.0.0.0 99.video-ak.cdn.spotify.com
0.0.0.0 9a.video-ak.cdn.spotify.com
0.0.0.0 9b.video-ak.cdn.spotify.com
0.0.0.0 9c.video-ak.cdn.spotify.com
0.0.0.0 9d.video-ak.cdn.spotify.com
0.0.0.0 9e.video-ak.cdn.spotify.com
0.0.0.0 9f.video-ak.cdn.spotify.com
0.0.0.0 a0.video-ak.cdn.spotify.com
0.0.0.0 a1.video-ak.cdn.spotify.com
0.0.0.0 a2.video-ak.cdn.spotify.com
0.0.0.0 a3.video-ak.cdn.spotify.com
0.0.0.0 a4.video-ak.cdn.spotify.com
0.0.0.0 a5.video-ak.cdn.spotify.com
0.0.0.0 a6.video-ak.cdn.spotify.com
0.0.0.0 a7.video-ak.cdn.spotify.com
0.0.0.0 a8.video-ak.cdn.spotify.com
0.0.0.0 a9.video-ak.cdn.spotify.com
0.0.0.0 aa.video-ak.cdn.spotify.com
0.0.0.0 ab.video-ak.cdn.spotify.com
0.0.0.0 ac.video-ak.cdn.spotify.com
0.0.0.0 ad.video-ak.cdn.spotify.com
0.0.0.0 ae.video-ak.cdn.spotify.com
0.0.0.0 af.video-ak.cdn.spotify.com
0.0.0.0 b0.video-ak.cdn.spotify.com
0.0.0.0 b1.video-ak.cdn.spotify.com
0.0.0.0 b2.video-ak.cdn.spotify.com
0.0.0.0 b3.video-ak.cdn.spotify.com
0.0.0.0 b4.video-ak.cdn.spotify.com
0.0.0.0 b5.video-ak.cdn.spotify.com
0.0.0.0 b6.video-ak.cdn.spotify.com
0.0.0.0 b7.video-ak.cdn.spotify.com
0.0.0.0 b8.video-ak.cdn.spotify.com
0.0.0.0 b9.video-ak.cdn.spotify.com
0.0.0.0 ba.video-ak.cdn.spotify.com
0.0.0.0 bb.video-ak.cdn.spotify.com
0.0.0.0 bc.video-ak.cdn.spotify.com
0.0.0.0 bd.video-ak.cdn.spotify.com
0.0.0.0 be.video-ak.cdn.spotify.com
0.0.0.0 bf.video-ak.cdn.spotify.com
0.0.0.0 c0.video-ak.cdn.spotify.com
0.0.0.0 c1.video-ak.cdn.spotify.com
0.0.0.0 c2.video-ak.cdn.spotify.com
0.0.0.0 c3.video-ak.cdn.spotify.com
0.0.0.0 c4.video-ak.cdn.spotify.com
0.0.0.0 c5.video-ak.cdn.spotify.com
0.0.0.0 c6.video-ak.cdn.spotify.com
0.0.0.0 c7.video-ak.cdn.spotify.com
0.0.0.0 c8.video-ak.cdn.spotify.com
0.0.0.0 c9.video-ak.cdn.spotify.com
0.0.0.0 ca.video-ak.cdn.spotify.com
0.0.0.0 cb.video-ak.cdn.spotify.com
0.0.0.0 cc.video-ak.cdn.spotify.com
0.0.0.0 cd.video-ak.cdn.spotify.com
0.0.0.0 ce.video-ak.cdn.spotify.com
0.0.0.0 cf.video-ak.cdn.spotify.com
0.0.0.0 d0.video-ak.cdn.spotify.com
0.0.0.0 d1.video-ak.cdn.spotify.com
0.0.0.0 d2.video-ak.cdn.spotify.com
0.0.0.0 d3.video-ak.cdn.spotify.com
0.0.0.0 d4.video-ak.cdn.spotify.com
0.0.0.0 d5.video-ak.cdn.spotify.com
0.0.0.0 d6.video-ak.cdn.spotify.com
0.0.0.0 d7.video-ak.cdn.spotify.com
0.0.0.0 d8.video-ak.cdn.spotify.com
0.0.0.0 d9.video-ak.cdn.spotify.com
0.0.0.0 da.video-ak.cdn.spotify.com
0.0.0.0 db.video-ak.cdn.spotify.com
0.0.0.0 dc.video-ak.cdn.spotify.com
0.0.0.0 dd.video-ak.cdn.spotify.com
0.0.0.0 de.video-ak.cdn.spotify.com
0.0.0.0 df.video-ak.cdn.spotify.com
0.0.0.0 e0.video-ak.cdn.spotify.com
0.0.0.0 e1.video-ak.cdn.spotify.com
0.0.0.0 e2.video-ak.cdn.spotify.com
0.0.0.0 e3.video-ak.cdn.spotify.com
0.0.0.0 e4.video-ak.cdn.spotify.com
0.0.0.0 e5.video-ak.cdn.spotify.com
0.0.0.0 e6.video-ak.cdn.spotify.com
0.0.0.0 e7.video-ak.cdn.spotify.com
0.0.0.0 e8.video-ak.cdn.spotify.com
0.0.0.0 e9.video-ak.cdn.spotify.com
0.0.0.0 ea.video-ak.cdn.spotify.com
0.0.0.0 eb.video-ak.cdn.spotify.com
0.0.0.0 ec.video-ak.cdn.spotify.com
0.0.0.0 ed.video-ak.cdn.spotify.com
0.0.0.0 ee.video-ak.cdn.spotify.com
0.0.0.0 ef.video-ak.cdn.spotify.com
0.0.0.0 f0.video-ak.cdn.spotify.com
0.0.0.0 f1.video-ak.cdn.spotify.com
0.0.0.0 f2.video-ak.cdn.spotify.com
0.0.0.0 f3.video-ak.cdn.spotify.com
0.0.0.0 f4.video-ak.cdn.spotify.com
0.0.0.0 f5.video-ak.cdn.spotify.com
0.0.0.0 f6.video-ak.cdn.spotify.com
0.0.0.0 f7.video-ak.cdn.spotify.com
0.0.0.0 f8.video-ak.cdn.spotify.com
0.0.0.0 f9.video-ak.cdn.spotify.com
0.0.0.0 fc.video-ak.cdn.spotify.com
0.0.0.0 fd.video-ak.cdn.spotify.com
0.0.0.0 fe.video-ak.cdn.spotify.com
0.0.0.0 ff.video-ak.cdn.spotify.com
########################################
# BELOW ARE EXTERNAL ADS AND ANALYTICS #
########################################
0.0.0.0 adjust.com
0.0.0.0 atom.adjust.com
0.0.0.0 events.adjust.com
0.0.0.0 ulink.adjust.com
0.0.0.0 view.adjust.com
# block admob ads
0.0.0.0 a.admob.com
0.0.0.0 ac1.vip.sc9.admob.com
0.0.0.0 ac208.sc9.admob.com
0.0.0.0 admob.biz
0.0.0.0 admob.co.kr
0.0.0.0 admob.co.nz
0.0.0.0 admob.co.uk
0.0.0.0 admob.com
0.0.0.0 admob.de
0.0.0.0 admob.dk
0.0.0.0 admob.es
0.0.0.0 admob.fi
0.0.0.0 admob.fr
0.0.0.0 admob.gr
0.0.0.0 admob.it
0.0.0.0 admob.jp
0.0.0.0 admob.kr
0.0.0.0 admob.mobi
0.0.0.0 admob.no
0.0.0.0 admob.pt
0.0.0.0 admob.sg
0.0.0.0 admob.tk
0.0.0.0 admob.tw
0.0.0.0 ads.admob.com
0.0.0.0 analytics.admob.com
0.0.0.0 api.admob.com
0.0.0.0 api.admob.xiaomi.com
0.0.0.0 b.admob.com
0.0.0.0 broadcast.admob.com
0.0.0.0 c.admob.com
0.0.0.0 c1.vip.sc9.admob.com
0.0.0.0 clk1.vip.sc9.admob.com
0.0.0.0 clk2.vip.sc9.admob.com
0.0.0.0 clk3.vip.sc9.admob.com
0.0.0.0 cpm.admob.com
0.0.0.0 cpm1.admob.com
0.0.0.0 cpm1.vip.sc9.admob.com
0.0.0.0 cpm2.admob.com
0.0.0.0 cpm2.vip.sc9.admob.com
0.0.0.0 cpm3.admob.com
0.0.0.0 cpm3.vip.sc9.admob.com
0.0.0.0 d.admob.com
0.0.0.0 dep.admob.com
0.0.0.0 dev1.vip.sc9.admob.com
0.0.0.0 developer.admob.com
0.0.0.0 e.admob.com
0.0.0.0 eng.admob.com
0.0.0.0 f.admob.com
0.0.0.0 g.admob.com
0.0.0.0 games.admob.com
0.0.0.0 ge-0-0-1-edge1.sc9.admob.com
0.0.0.0 ge-0-0-43-crs1.sc9.admob.com
0.0.0.0 gw.admob.com
0.0.0.0 h.admob.com
0.0.0.0 i.admob.com
0.0.0.0 j.admob.com
0.0.0.0 jp.admob.com
0.0.0.0 k.admob.com
0.0.0.0 l.admob.com
0.0.0.0 m.admob.com
0.0.0.0 media.admob.com
0.0.0.0 metrics.admob.com
0.0.0.0 mm.admob.com
0.0.0.0 mm1.vip.sc1.admob.com
0.0.0.0 mm1.vip.sc9.admob.com
0.0.0.0 mm104.sc9.admob.com
0.0.0.0 mmv.admob.com
0.0.0.0 n.admob.com
0.0.0.0 network.admob.com
0.0.0.0 o.admob.com
0.0.0.0 p.admob.com
0.0.0.0 p1.vip.sc9.admob.com
0.0.0.0 paix1.sc1.admob.com
0.0.0.0 pixel.admobclick.com
0.0.0.0 pt.admob.com
0.0.0.0 q.admob.com
0.0.0.0 r.admob.com
0.0.0.0 r2.vip.sc9.admob.com
0.0.0.0 rmd.admob.com
0.0.0.0 s.admob.com
0.0.0.0 sc1.admob.com
0.0.0.0 sc9.admob.com
0.0.0.0 smtp.admob.com
0.0.0.0 smtp2.admob.com
0.0.0.0 t.admob.com
0.0.0.0 tap1.vip.sc9.admob.com
0.0.0.0 tic1.vip.sc9.admob.com
0.0.0.0 tracking.admobsphere.com
0.0.0.0 tx102.sc9.admob.com
0.0.0.0 tx103.sc9.admob.com
0.0.0.0 u.admob.com
0.0.0.0 ukr.admob.com
0.0.0.0 v.admob.com
0.0.0.0 vip.sc9.admob.com
0.0.0.0 w.admob.com
0.0.0.0 wap.admob.com
0.0.0.0 waps.admob.com
0.0.0.0 wendy.admob.com
0.0.0.0 www.admob.com
0.0.0.0 www.admob.com.akadns.net
0.0.0.0 www1.vip.sc9.admob.com
0.0.0.0 x.admob.com
0.0.0.0 y.admob.com
0.0.0.0 z.admob.com
0.0.0.0 zhcn.admob.com
# block akamai technologies (i doubt it will be used directly)
0.0.0.0 a1294.w20.akamai.net
0.0.0.0 a1843.g.akamai.net
0.0.0.0 a50.g2.akamai.net
0.0.0.0 bsams.eyeblaster.akadns.net
0.0.0.0 e7876.dscg.akamaiedge.net
0.0.0.0 e8218.dscb1.akamaiedge.net
# block amazon (i doubt it will be used directly)
0.0.0.0 na.gmtdmp.com
0.0.0.0 d2gi7ultltnc2u.cloudfront.net
0.0.0.0 lb1-217593028.us-east-1.elb.amazonaws.com
0.0.0.0 rp-lb-766892831.us-east-1.elb.amazonaws.com
0.0.0.0 server-54-230-216-203.mrs50.r.cloudfront.net
# block aol
0.0.0.0 adserver.adtechus.com
# appnexus
0.0.0.0 a.adk2x.com
0.0.0.0 adnxs.com
0.0.0.0 adnxs.comadplexmedia.adk2x.com
0.0.0.0 ams1-ib.adnxs.com
0.0.0.0 ib.adnxs.com
# block ayden payments
0.0.0.0 live.adyen.com
# block bounce exchange (anonymous)
0.0.0.0 bounceexchange.com
# block comscore analytics
0.0.0.0 admetrix.comscore.com
0.0.0.0 api.comscore.com
0.0.0.0 aser.comscore.com
0.0.0.0 cdr.comscore.com
0.0.0.0 cer.comscore.com
0.0.0.0 comscore.net
0.0.0.0 comscore.org
0.0.0.0 comscoredatagems.com
0.0.0.0 comscoredatamine.com
0.0.0.0 comscoredirect.net
0.0.0.0 comscorenetworks.net
0.0.0.0 ia1.comscore.com
0.0.0.0 ia2.comscore.com
0.0.0.0 iad.comscore.com
0.0.0.0 im.comscore.com
0.0.0.0 images.comscore.com
0.0.0.0 labs.comscore.com
0.0.0.0 mail2.comscore.com
0.0.0.0 marketer.comscore.com
0.0.0.0 mx0.comscore.com
0.0.0.0 mx1.comscore.com
0.0.0.0 mx2.comscore.com
0.0.0.0 my.comscore.com
0.0.0.0 mycomscore.com
0.0.0.0 mymetrix.comscore.com
0.0.0.0 myresearch.comscore.com
0.0.0.0 ord.comscore.com
0.0.0.0 postbuy.comscore.com
0.0.0.0 proclarity.comscore.com
0.0.0.0 qat.comscore.com
0.0.0.0 siterecruit.comscore.com
0.0.0.0 svn.comscore.com
0.0.0.0 www.comscore.com
0.0.0.0 www.mycomscore.net
# block crashlytics
0.0.0.0 crashlytics.163.com
0.0.0.0 crashlytics.com
0.0.0.0 crashlytics.twimg.com
0.0.0.0 e.crashlytics.com
0.0.0.0 reports.crashlytics.com
0.0.0.0 settings-crashlytics-1410998606.us-east-1.elb.amazonaws.com
0.0.0.0 settings-crashlytics-b-103974621.us-east-1.elb.amazonaws.com
0.0.0.0 settings.crashlytics.com
# block data protected
0.0.0.0 combine.urbanairship.com
# block drawbridge
0.0.0.0 ads-west-colo.adsymptotic.com
# block geotrust
0.0.0.0 gtssl2-ocsp.geotrust.com
# block google ads / analytics
0.0.0.0 ad.doubleclick.net
0.0.0.0 adclick.g.doublecklick.net
0.0.0.0 ade.googlesyndication.com
0.0.0.0 adservice.google.com
0.0.0.0 analytics.google.com
0.0.0.0 doubleclick.net
0.0.0.0 ee-in-f95.1.e100.net
0.0.0.0 gcdn.2mdn.net
0.0.0.0 googleads.g.doubleclick.net
0.0.0.0 googleads4.g.doubleclick.net
0.0.0.0 googleadservices.com
0.0.0.0 s0.2mdn.net
0.0.0.0 pagead.l.doubleclick.net
0.0.0.0 pagead-googlehosted.l.google.com
0.0.0.0 pagead2.googlesyndication.com
0.0.0.0 pagead46.l.doubleclick.net
0.0.0.0 partner.googleadservices.com
0.0.0.0 partnerad.l.doubleclick.net
0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 s0-2mdn-net.l.google.com
0.0.0.0 s0.2mdn.net
0.0.0.0 securepubads.g.doubleclick.net
0.0.0.0 tpc.googlesyndication.com
0.0.0.0 video-ad-stats.googlesyndication.com
0.0.0.0 www.googleadservices.com
0.0.0.0 www.googletagservices.com
# block integral ad science
0.0.0.0 anycast.pixel.adsafeprotected.com
# block intercom ads
0.0.0.0 api-iam.intercom.io
0.0.0.0 api-ping.intercom.io
0.0.0.0 api.intercom.io
0.0.0.0 developers.intercom.io
0.0.0.0 engineering.intercom.io
0.0.0.0 funky.staging.intercom.io
0.0.0.0 intercom.io
0.0.0.0 internal.intercom.io
0.0.0.0 leadvisualdesigner.intercom.io
0.0.0.0 mobile-sdk-api.intercom.io
0.0.0.0 muster-sandbox.intercom.io
0.0.0.0 nexus-testing.intercom.io
0.0.0.0 nexus-websocket-a.intercom.io
0.0.0.0 nexus.intercom.io
0.0.0.0 orientation.internal.intercom.io
0.0.0.0 status.intercom.io
0.0.0.0 store.intercom.io
0.0.0.0 terraform-modules-test.intercom.io
0.0.0.0 via.intercom.io
0.0.0.0 w.intercom.io
0.0.0.0 widget.intercom.io
0.0.0.0 woody.intercom.io
0.0.0.0 www.intercom.io
# block kantar operations
0.0.0.0 core.insightexpressai.com
# block leanlab
0.0.0.0 track.leanlab.co
# block longtail ad solutions (jwplayer also used for ads)
0.0.0.0 content.bitsontherun.com
0.0.0.0 v.jwpcdn.com
# block media innovation group
0.0.0.0 eu-gmtdmp.gd1.mookie1.com
block # media match
0.0.0.0 media-match.com
# block mobileapptracking ads (now tune)
0.0.0.0 ab.tune.com
0.0.0.0 click.api.cp.tune.com
0.0.0.0 configuration.ma.tune.com
0.0.0.0 corp.tune.com
0.0.0.0 cp.tune.com
0.0.0.0 dev.lab.tune.com
0.0.0.0 event.api.cp.tune.com
0.0.0.0 labs.tune.com
0.0.0.0 ma.tune.com
0.0.0.0 mkt.tune.com
0.0.0.0 multiverse.tune.com
0.0.0.0 ops-prod.us-west-2.k8s.ops.tune.com
0.0.0.0 playlist.ma.tune.com
0.0.0.0 request.api.cp.tune.com
0.0.0.0 stage.tune.com
0.0.0.0 support.tune.com
0.0.0.0 ui.cp.tune.com
0.0.0.0 updates.tune.com
0.0.0.0 www.cp.tune.com
0.0.0.0 www.ui.cp.tune.com
# block mixpanel analytics
0.0.0.0 api.mixpanel.com
0.0.0.0 decide.mixpanel.com
0.0.0.0 mixpanel.com
0.0.0.0 switchboard.mixpanel.com
0.0.0.0 www.mixpanel.com
# block moatads / moatanalytics
0.0.0.0 adgrx.moatads.com
0.0.0.0 afs.moatads.com
0.0.0.0 apx.moatads.com
0.0.0.0 bd.moatads.com
0.0.0.0 c-evt.moatads.com
0.0.0.0 dbg52463.moatads.com
0.0.0.0 ejs.moatads.com
0.0.0.0 evt.moatads.com
0.0.0.0 fs.moatads.com
0.0.0.0 geo.moatads.com
0.0.0.0 jm.moatads.com
0.0.0.0 js.moatads.com
0.0.0.0 json.moatads.com
0.0.0.0 jsonp.moatads.com
0.0.0.0 logtest.moatads.com
0.0.0.0 moat.pxl.ace.advertising.com
0.0.0.0 moatads.com
0.0.0.0 moatads.com.edgekey.net
0.0.0.0 pixel.moatads.com
0.0.0.0 pool3.moatads.com
0.0.0.0 pool5.moatads.com
0.0.0.0 post.update.moatads.com
0.0.0.0 px.moatads.com
0.0.0.0 quantcast584928381.s.moatpixel.com
0.0.0.0 r.254a.comjs.moatads.com
0.0.0.0 s-jsonp.moatads.com
0.0.0.0 s.moatads.com
0.0.0.0 s.update.moatads.com
0.0.0.0 sejs.moatads.com
0.0.0.0 svast.moatads.com
0.0.0.0 svastx.moatads.com
0.0.0.0 t.update.moatads.com
0.0.0.0 tribpubdfp745347008913.s.moatpixel.com
0.0.0.0 u.moatads.com
0.0.0.0 update.moatads.com
0.0.0.0 upv4.moatads.com
0.0.0.0 v3.moatads.com
0.0.0.0 v4.moatads.com
0.0.0.0 vast.moatads.com
0.0.0.0 vastx.moatads.com
0.0.0.0 vpb0.moatads.com
0.0.0.0 vu.moatads.com
0.0.0.0 wildcard.moatads.com.edgekey.net
0.0.0.0 www.moatads.com
0.0.0.0 www.upv4.moatads.com
0.0.0.0 y.moatads.com
0.0.0.0 yj.moatads.com
0.0.0.0 yt.moatads.com
0.0.0.0 yts.moatads.com
0.0.0.0 z.moatads.com
# block myvisualiq
0.0.0.0 t.myvisualiq.net
0.0.0.0 vt.myvisualiq.net
# block omaze
0.0.0.0 omaze.com
0.0.0.0 www.omaze.com
# block pubmatic
0.0.0.0 ads.pubmatic.com
0.0.0.0 gads.pubmatic.com
0.0.0.0 gads22000.pubmatic.com
0.0.0.0 showads33000.pubmatic.com
# block scorecardresearch
0.0.0.0 b.scorecardresearch.com
0.0.0.0 sb.scorecardresearch.com
0.0.0.0 udm.scorecardresearch.com
# block sizmek technologies
0.0.0.0 bs.serving-sys.com
0.0.0.0 ds.serving-sys.com
# block the whiz marketing
0.0.0.0 seen-on-screen.thewhizmarketing.com
# block voicefive
0.0.0.0 ar.voicefive.com
0.0.0.0 sb.voicefive.com
# block yahoo adflurry
0.0.0.0 ads.flurry.com
0.0.0.0 media-router-flurry7.prod.media.wg1.b.yahoo.com
# block zwizz army knife (anonymous)
0.0.0.0 api.zwizzarmyknife.com

1451561
hosts/rpz.blacklist Executable file
View File

File diff suppressed because it is too large Load Diff

1016
hosts/whitelist.txt Executable file
View File

File diff suppressed because it is too large Load Diff

3
server-conf/Readme.MD Normal file
View File

@@ -0,0 +1,3 @@
## Haproxy SSL
* SSL generated via : [Mozilla SSL](https://ssl-config.mozilla.org/#server=haproxy&server-version=1.9.8&config=intermediate)

52
server-conf/dnsdist.conf Executable file
View File

@@ -0,0 +1,52 @@
-- When an IPv6 IP:PORT combination is needed, the bracketed syntax from RFC 3986 should be used. e.g. “[2001:DB8:14::C0FF:FEE]:5300”
-- https://dnsdist.org/reference/config.html?highlight=servfail
--addTLSLocal('0.0.0.0', '/etc/letsencrypt/live/dns.jp.blahdns.com/fullchain.pem', '/etc/letsencrypt/live/dns.jp.blahdns.com/privkey.pem', { doTCP=true, reusePort=true })
--addTLSLocal("[::]", '/etc/letsencrypt/live/dns.jp.blahdns.com/fullchain.pem', '/etc/letsencrypt/live/dns.jp.blahdns.com/privkey.pem', { doTCP=true, reusePort=true})
addDNSCryptBind("0.0.0.0:8443", "2.dnscrypt-cert.blahdns.com", "/etc/dnsdist/ssl.cert", "/etc/dnsdist/ssl.key")
addDNSCryptBind("[::]:8443", "2.dnscrypt-cert.blahdns.com", "/etc/dnsdist/ssl.cert", "/etc/dnsdist/ssl.key")
addLocal('0.0.0.0:53', { doTCP=true, reusePort=true})
addLocal('[::]:53', { doTCP=true, reusePort=true})
addAction(MaxQPSIPRule(10, 32, 48), DropAction())
addAction(QTypeRule(dnsdist.ANY) ,DropAction())
addAction(QTypeRule(dnsdist.PTR) ,DropAction())
-- Force TCP
addAction(AndRule({NotRule(OrRule({QTypeRule(dnsdist.TXT), QTypeRule(dnsdist.A), QTypeRule(dnsdist.AAAA)})),TCPRule(false)}), TCAction())
setACL({'0.0.0.0/0', '::/0' })
-- https://dnsdist.org/reference/constants.html#dnsaction
-- https://dnsdist.org/rules-actions.html#addLuaAction
-- https://stackoverflow.com/questions/11271547/does-lua-have-or-comparisons
local dbr = dynBlockRulesGroup()
dbr:setQTypeRate(dnsdist.PTR, 5, 10, "Exceeded PTR rate", 60)
dbr:setQTypeRate(dnsdist.TXT, 5, 10, "Exceeded TXT rate", 60)
dbr:setQTypeRate(dnsdist.SOA, 5, 10, "Exceeded SOA rate", 60)
dbr:setQTypeRate(dnsdist.MX, 3, 10, "Exceeded MX rate", 60)
dbr:setQTypeRate(dnsdist.SRV, 3, 10, "Exceeded SRV rate", 60)
dbr:setQTypeRate(dnsdist.NS, 3, 10, "Exceeded PTR rate", 60)
dbr:setQTypeRate(dnsdist.SIG, 3, 10, "Exceeded PTR rate", 60)
function maintenance()
dbr:apply()
end
newServer({address="127.0.0.1:50", checkType="A", checkType=DNSClass.CHAOS, checkName="google.com", mustResolve=false})
newServer({address="[::1]:50", checkType="AAAA", checkType=DNSClass.CHAOS, checkName="google.com", mustResolve=false})
newServer({address="[::1]:51", checkType="AAAA", checkType=DNSClass.CHAOS, checkName="google.com", mustResolve=false})
-- function luarule(dq)
-- if(dq.qtype==dnsdist.ANY)
-- then
-- return DNSAction.ServFail
-- else
-- return DNSAction.None
-- end
-- end
-- addLuaAction(AllRule(), luarule)

181
server-conf/fail2ban.sh Executable file
View File

@@ -0,0 +1,181 @@
#!/bin/bash
CHECK_OS(){
if [[ -f /etc/redhat-release ]];then
release="centos"
elif cat /etc/issue | grep -q -E -i "debian";then
release="debian"
elif cat /etc/issue | grep -q -E -i "ubuntu";then
release="ubuntu"
elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat";then
release="centos"
elif cat /proc/version | grep -q -E -i "debian";then
release="debian"
elif cat /proc/version | grep -q -E -i "ubuntu";then
release="ubuntu"
elif cat /proc/version | grep -q -E -i "centos|red hat|redhat";then
release="centos"
fi
}
GET_SETTING_FAIL2BAN_INFO(){
read -p "允许SSH登陆失败次数,默认10:" BLOCKING_THRESHOLD
if [[ ${BLOCKING_THRESHOLD} = "" ]];then
BLOCKING_THRESHOLD='10'
fi
read -p "SSH登陆失败次数超过${BLOCKING_THRESHOLD}次时,封禁时长(h),默认8760:" BLOCKING_TIME_H
if [[ ${BLOCKING_TIME_H} = "" ]];then
BLOCKING_TIME_H='8760'
fi
BLOCKING_TIME_S=$(expr ${BLOCKING_TIME_H} \* 3600)
}
INSTALL_FAIL2BAN(){
if [ ! -e /etc/fail2ban/jail.local ];then
CHECK_OS
case "${release}" in
centos)
GET_SETTING_FAIL2BAN_INFO
yum -y install epel-release
yum -y install fail2ban;;
debian|ubuntu)
GET_SETTING_FAIL2BAN_INFO
apt-get -y install fail2ban;;
*)
echo "请使用CentOS,Debian,Ubuntu系统.";;
esac
else
echo "fail2ban已经安装了.";exit
fi
}
REMOVE_FAIL2BAN(){
if [ -e /etc/fail2ban/jail.local ];then
CHECK_OS
case "${release}" in
centos)
service fail2ban stop
yum -y remove fail2ban
rm -rf /etc/fail2ban/jail.local;;
debian|ubuntu)
service fail2ban stop
apt-get -y remove fail2ban
rm -rf /etc/fail2ban/jail.local;;
esac
else
echo "fail2ban尚未安装.";exit
fi
}
SETTING_FAIL2BAN(){
CHECK_OS
case "${release}" in
centos)
echo "[DEFAULT]
ignoreip = 127.0.0.1
bantime = 86400
maxretry = 3
findtime = 1800
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/secure
maxretry = ${BLOCKING_THRESHOLD}
findtime = 3600
bantime = ${BLOCKING_TIME_S}" > /etc/fail2ban/jail.local
if [ -e /usr/bin/systemctl ];then
systemctl restart fail2ban
systemctl enable fail2ban
systemctl restart sshd
else
service fail2ban restart
chkconfig fail2ban on
service ssh restart
fi;;
debian|ubuntu)
echo "[DEFAULT]
ignoreip = 127.0.0.1
bantime = 86400
maxretry = ${BLOCKING_THRESHOLD}
findtime = 1800
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/auth.log
maxretry = ${BLOCKING_THRESHOLD}
findtime = 3600
bantime = ${BLOCKING_TIME_S}" > /etc/fail2ban/jail.local
service fail2ban restart
service ssh restart;;
esac
}
VIEW_RUN_LOG(){
CHECK_OS
case "${release}" in
centos)
tail -f /var/log/secure;;
debian|ubuntu)
tail -f /var/log/auth.log;;
esac
}
case "${1}" in
install)
INSTALL_FAIL2BAN
SETTING_FAIL2BAN;;
uninstall)
REMOVE_FAIL2BAN;;
status)
echo -e "\033[41;37m【进程】\033[0m";ps aux | grep fail2ban
echo;echo -e "\033[41;37m【状态】\033[0m";fail2ban-client ping
echo;echo -e "\033[41;37m【Service】\033[0m";service fail2ban status;;
blocklist|bl)
if [ -e /etc/fail2ban/jail.local ];then
fail2ban-client status ssh-iptables
else
echo "fail2ban尚未安装.";exit
fi;;
unlock|ul)
if [ -e /etc/fail2ban/jail.local ];then
if [[ "${2}" = "" ]];then
read -p "请输入需要解封的IP:" UNLOCK_IP
if [[ ${UNLOCK_IP} = "" ]];then
echo "不允许空值,请重试.";exit
else
fail2ban-client set ssh-iptables unbanip ${UNLOCK_IP}
fi
else
fail2ban-client set ssh-iptables unbanip ${2}
fi
else
echo "fail2ban尚未安装.";exit
fi;;
more)
echo "【参考文章】
https://www.fail2ban.org
https://linux.cn/article-5067-1.html
【更多命令】
fail2ban-client -h";;
runlog)
VIEW_RUN_LOG;;
start)
service fail2ban start;;
stop)
service fail2ban stop;;
restart)
service fail2ban restart;;
*)
echo "bash fail2ban.sh {install|uninstall|runlog|more}"
echo "bash fail2ban.sh {start|stop|restart|status}"
echo "bash fail2ban.sh {blocklist|unlock}";;
esac
#END

151
server-conf/haproxy.cfg Executable file
View File

@@ -0,0 +1,151 @@
## NEW HTTP2 CONFIG ###
## Thanks to DNSWARDEN.com author: @bhanupratapys
global
no log
chroot /var/lib/haproxy
user haproxy
group haproxy
pidfile /var/run/haproxy.pid
tune.ssl.default-dh-param 2048
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
ssl-dh-param-file /etc/haproxy/dhparam.pem
ssl-default-bind-ciphers TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
defaults
option dontlognull
retries 1
timeout connect 5s
timeout check 5s
timeout queue 10s
timeout client 60s
timeout client-fin 1s
timeout server-fin 1s
timeout server 30s
timeout tunnel 10m
timeout http-request 10s
#bind :::443 v4v6 ssl crt /etc/haproxy/dot-jp.blahdns.pem alpn h2,http/1.1
#bind :::443 v4v6 tfo ssl crt /etc/haproxy/dot-jp.blahdns.pem
frontend front_end_dot_853
mode tcp
bind 0.0.0.0:853
bind :::853
acl tls req.ssl_hello_type 1
tcp-request inspect-delay 2s
tcp-request content accept if tls
use_backend dot-uncensor if { req_ssl_sni -i dot-jp.blahdns.com }
default_backend dot-uncensor
frontend front_end_doh_dot_443
mode tcp
bind 0.0.0.0:443
bind :::443
acl tls req.ssl_hello_type 1
tcp-request inspect-delay 2s
tcp-request content accept if tls
use_backend doh-front if { req_ssl_sni -i doh-jp.blahdns.com }
use_backend dot-uncensor if { req_ssl_sni -i dot-jp.blahdns.com }
default_backend dot-uncensor
frontend dot-in-uncensor
mode tcp
bind 127.150.150.150:15000 ssl crt /etc/haproxy/dot-jp.blahdns.pem
default_backend dot-servers-uncensor
frontend doh-in
mode http
bind 127.250.250.250:25000 ssl crt /etc/haproxy/dot-jp.blahdns.pem alpn h2
acl adblock_url path_beg -i /dns-query
use_backend doh-servers-uncensor if adblock_url
backend dot-uncensor
mode tcp
#balance source
server dot-uncensor-haproxy-ssl 127.150.150.150:15000 check
backend doh-front
mode tcp
#balance source
server doh-haproxy-ssl 127.250.250.250:25000 check
backend dot-servers-uncensor
mode tcp
server dns-uncensor 127.0.0.1:50
backend doh-servers-uncensor
mode http
http-response del-header server
http-response del-header x-powered-by
http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"
server doh-proxy-uncensor 127.0.0.1:3000
### End ####
### Start old config as backup, igonre it ###
global
#log /dev/log local0
no log
chroot /var/lib/haproxy
user haproxy
group haproxy
maxconn 3000
pidfile /var/run/haproxy.pid
tune.ssl.default-dh-param 2048
#ssl-default-bind-ciphers TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:EECDH+AESGCM:EECDH+CHACHA20
ssl-default-bind-ciphers TLS13-CHACHA20-POLY1305-SHA256:EECDH+CHACHA20:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:EECDH+AESGCM:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256
ssl-default-bind-options no-tls-tickets no-sslv3 no-tlsv10 no-tlsv11
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
defaults
option dontlognull
option http-server-close
retries 1
option http-use-htx
maxconn 3000
timeout check 5s
timeout queue 10s
timeout client 30s
timeout client-fin 3s
timeout server-fin 3s
timeout server 30s
timeout tunnel 5m
timeout http-request 10s
option http-keep-alive
frontend doh-in
#mode tcp
no log
#bind *:443 ssl crt /etc/haproxy/dot-jp.blahdns.pem alpn h2
bind :::443 v4v6 tfo ssl crt /etc/haproxy/dot-jp.blahdns.pem
http-response set-header Strict-Transport-Security "max-age=31536000"
tcp-request inspect-delay 2s
tcp-request content accept if HTTP
tcp-request content accept if { req.ssl_hello_type 1 }
use_backend dot-server if { req.ssl_hello_type 1 }
acl dns_url path_beg -i /dns-query
use_backend doh-server if dns_url
#use_backend doh-server if HTTP
default_backend dot-server
#listen http-in
backend dot-server
mode tcp
server dns 127.0.0.1:50 maxconn 20
backend doh-server
#http-response set-header Strict-Transport-Security "max-age=31536000"
option forwardfor
server doh-proxy 127.0.0.1:3000 maxconn 20

19
server-conf/knot-tls.service Executable file
View File

@@ -0,0 +1,19 @@
[Unit]
Description=Knot-tls
After=syslog.target
After=network.target
[Service]
Type=simple
User=root
Group=root
WorkingDirectory=/etc/knot-resolver/
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
ExecStartPre=/root/clean.sh
ExecStartPost=/bin/sleep 0.1
ExecStart=kresd -c /etc/knot-resolver/kresd-tls.conf -f 1
Restart=always
[Install]
WantedBy=multi-user.target

72
server-conf/kresd.conf Executable file
View File

@@ -0,0 +1,72 @@
modules = {
'policy',
'hints > iterate',
'serve_stale < cache',
'workarounds < iterate',
'predict'
}
--modules.unload('cache')
--modules.unload('hints')
--modules.unload('priming')
--modules.unload('ta_sentinel')
--modules.unload('ta_signal_query')
--modules.unload('detect_time_jump')
--modules.unload('detect_time_skew')
net.listen({'::1', '127.0.0.1'}, 55)
hints.add_hosts('/etc/knot-resolver/hints.list')
-- Disallow ANY & PTR queries
policy.add(function (req, query)
if query.stype == kres.type.ANY then
return policy.DROP
elseif query.stype == kres.type.PTR then
return policy.DROP
end
end)
--policy.add(function (req, query)
-- if query.stype == kres.type.TXT or query.stype == kres.type.SRV or query.stype == kres.type.NS or query.stype == kres.type.MX or query.stype == kres.type.SOA or query.stype == kres.type.PTR then
-- return policy.TC
-- end
--end)
-- qname minimalization true
--option('NO_MINIMIZE', false)
-- Cache size
cache.size = 150 * MB
--cache.min_ttl(300)
-- Force cache timeout every 5 sec
--cache.max_ttl(5)
policy.add(policy.rpz(policy.DENY, '/etc/knot-resolver/rpz.blacklist'))
-- OpenNIC
opennicTrees = policy.todnames({'uu','ti','te','ku','lib','emc','coin','baza','glue','parody','pirate','oss','oz','bit','dns.opennic.glue','bbs','chan','cyb','dyn','fur','gopher','geek','opennic.glue','o','neo','indy','libre', 'null'})
-- Beware: the rule order is important, as STUB is not a chain action.
policy.add(policy.suffix(policy.FLAGS({'NO_CACHE'}), opennicTrees))
policy.add(policy.suffix(policy.STUB({'::1@52'}), opennicTrees))
-- Disable cache
view:addr('0.0.0.0/0', policy.all(policy.FLAGS({'NO_CACHE'})))
view:addr('::/0', policy.all(policy.FLAGS({'NO_CACHE'})))
--view:addr('198.252.153.0/24', function (req, qry) return policy.PASS end)
--view:addr('204.13.164.0/24', function (req, qry) return policy.PASS end)
--view:addr('199.254.238.0/24', function (req, qry) return policy.PASS end)
--view:addr('199.58.80.128/25', function (req, qry) return policy.PASS end)
--view:addr('199.58.81.137/25', function (req, qry) return policy.PASS end)
--view:addr('10.0.1.0/24', function (req, qry) return policy.PASS end)
--view:addr('10.0.2.0/24', function (req, qry) return policy.PASS end)
--view:addr('127.0.0.1', function (req, qry) return policy.PASS end)
--- Drop everything that hasn't matched
-- view:addr('0.0.0.0/0', function (req, qry) return policy.DROP end)
-- policy.add(policy.all(policy.FORWARD('::1@51')))
-- Disable dnssec, if need so
-- trust_anchors.negative = { '.' }

34
server-conf/monitor-kresd.sh Executable file
View File

@@ -0,0 +1,34 @@
#if lsof -Pi :50 -sUDP:LISTEN -t >/dev/null ; then
# echo "running"
#else
# echo "not running"
#fi
#netstat -ln | grep ":50 " 2>&1 > /dev/null
#if [ $? -eq 1 ]; then
# echo Starting Meteor;
#fi
!/bin/bash
# Check if gedit is running
# -x flag only match processes whose name (or command line if -f is
# specified) exactly match the pattern.
if ps -e | grep dnscrypt-wrap
then
echo "Dnscrypt wrapper is running"
else
/root/dns/dnscrypt-start.sh
echo "Dnscrypt is Stopped"
fi
if pgrep -x "kresd"
then
echo "kresd is Running"
else
echo "kresd is Stopped and restart service "
/root/kresd.sh
#service knot-tls stop
#service knot-tls start
fi

14
server-conf/restart.sh Executable file
View File

@@ -0,0 +1,14 @@
## Cronjob every 6 hours clear logs and restart services
cd /var/log
rm -rf haproxy.log*
rm -rf daemon.log*
rm -rf messages*
rm -rf syslog*
rm -rf user*
rm -rf kern*
rm -rf debug*
service haproxy restart
service doh-server restart

5
server-conf/unbound/bind.keys Executable file
View File

@@ -0,0 +1,5 @@
trusted-keys {
. 257 3 8 "AwEAAaq+qqsdDHByq/DFR5/u23qcDNOQJzjYBcSfjrGNLdY2+vY+ubhu iz0hG1xk5D+dK78Eh58wZ3tQnsRr3bVNVfcovlx/rdwuw5blez2TT0Et 4IF/3b/RpMpCwSSOWTMGvi0EwIMNsjYWEZlRjcWku3cnAAvSD3YdaRW2 JCKsbkK5OQp2YjuQgIOL7J6f8mN6nkfAWd9L2U9H+TSEnx8gqqkXIEIR WcbdWN1FiCdy3L8CaHbZcttzx5lLOGrjPW+raXn+KaQSU+WW9n2PPOZb NUrQnsW/DJ+b+soNQQbhwFlp/av5VzaxB7/57vEKqj71x+Xu8S0sGpLc Xrkf5p3ri93ScLsJOT11fIlMRIwcKsWZEIIyYzuQeq8MoVTenvN6re/y 872Vb6JBHbBMk0JmsRwkXltz9PINWyvVyqM3PA1bJ4fz8QbqXnTnJiR/ yylhcE8rjPUtnf29NyDN7Co9JzPwnwE74F3k3R18w45L8E5Dt5it2PIA 9/rb6GDMrPAPsa1X82qNLzcboosMj9vT7Ofg8M+x2/VYt6u4xX4glZRa vyjTs6qGfzFS+Z44zrIP4CtNa0fL0AwJ/wsK4YJSX0xZ6/CJI/NNXeSg G5vfMw04kUDI9d9oO9jkAhYDmTaOI6C5nVTymAs3uje8/mZlo/pUSllB 0DkpTgd5PTAwQsA1";
. 256 3 8 "AwEAAcnclWrEkYgk+zGEAtbUoFpkKojImn4go0WwsD3TyGq5Mp7Xb5yv yO3VzcGLyeMJ1p55PFTij4xXR+LiXlzdjIgvy8JloXDh6Pg3mhQ/x6YR aWjkstFbeTicyR94Q7ns7/0tqcR/4kjvcK/haViADuamvt0flv04wBeq ZaJBdj5TLYXfYCYr8QVvlryvHf6SCF9Xwgo/34iP+T0EH1yGL4HASeHL Cn8Kh5zTsIbefAvjkPPv7T23xeiT0FfJ4AJim9tMU5DYZFPU4J5Gtsk9 LIFBju5TAlbXf9nldM9WfESP/ZPBvLlrPeNzXrSEbyqkE72xtpr/3ckY jZd5aODWCmhp3tTc/UBcZxzw4IcJ3j5cmdTnrnOlLOA4DXnkB1Ts90BM G00ySdBeXeW0abKOiCH/qqdWlPR3jLEZth9y5WWHVIcY5JsjbpQnv85A YaQYzUA2W79oM1XoQ35EB5PHPs3lCMJ/42zDmbhJ2n7m2xx3DbCnzHTt H9Fsqi1+8s8LNQAbQeINBkiDeyeEpY2CFVz222zEusCOj/cbWuirBqMD WjIajMwBpF2z0x8FznahSEoR+djYNpXpv9pFcl4rYTCqnQcKy0PUoGrs 8X4OzLW7egrAWodF3z7KieAMyK09/0qBf7rtB8qOLR7NiFA/UYvkZTwz E74ZGP9Y4kOi0lA5";
. 256 3 8 "AwEAAetFT8ZCzhqTOT7em1LxFynu1zwZXwu0qzSNtO8ABxfls+QfDMxB 4jUdOkAVJKG313bS9rHwUqG3Sg2fPGmdo4xzt3ps9/Tmh6c657r5zYTd tlAy3tjU2G7VUWnbwwHFAIe4R9ajnScvdNfFZpUalrxT3FsfLbTfhnt3 HZljYbyVYi9v8H+gweoBGfq5xIrNwKz4DNu217GWtZaOGhPcS2HYgqDD 0BuRxYwAkoiphcoHwc9QOHIMWlN9Wdw1+udpHZ43Oysp8EXqF2miYljd 3EprDthfZ0MU0xqbHzLbtPQCVQir3HymJxTbrpE1fpKbKyXlyRqSUxTL ONud5BQISb0=";
};

26
server-conf/unbound/opennic.hints Executable file
View File

@@ -0,0 +1,26 @@
;; ANSWER SECTION:
. 86400 IN NS ns2.opennic.glue.
. 86400 IN NS ns6.opennic.glue.
. 86400 IN NS ns5.opennic.glue.
. 86400 IN NS ns8.opennic.glue.
. 86400 IN NS ns9.opennic.glue.
. 86400 IN NS ns10.opennic.glue.
. 86400 IN NS ns4.opennic.glue.
;; ADDITIONAL SECTION:
ns2.opennic.glue. 7200 IN A 161.97.219.84
ns2.opennic.glue. 7200 IN AAAA 2001:470:4212:10::100:53:10
ns4.opennic.glue. 7200 IN A 163.172.168.171
ns5.opennic.glue. 7200 IN A 94.103.153.176
ns5.opennic.glue. 7200 IN AAAA 2a02:990:219:1:ba:1337:cafe:3
ns6.opennic.glue. 7200 IN A 207.192.71.13
ns8.opennic.glue. 7200 IN A 178.63.116.152
ns8.opennic.glue. 7200 IN AAAA 2a01:4f8:141:4281::999
ns9.opennic.glue. 7200 IN A 174.138.48.29
ns9.opennic.glue. 7200 IN AAAA 2604:a880:800:a1::2a:2001
ns10.opennic.glue. 7200 IN A 188.226.146.136
ns10.opennic.glue. 7200 IN AAAA 2001:470:1f04:ebf::2
;; Query time: 212 msec
;; SERVER: 174.138.48.29#53(174.138.48.29)
;; WHEN: Wed Oct 31 15:28:13 CST 2018

127
server-conf/unbound/unbound.conf Executable file
View File

@@ -0,0 +1,127 @@
server:
interface: 127.0.0.1@48
interface: ::1@48
access-control: 127.0.0.1 allow
access-control: ::1 allow
#access-control: 0.0.0.0/0 allow
#access-control: ::/0 allow
prefer-ip6: yes
delay-close: 1500
do-ip4: yes
do-ip6: yes
do-tcp: yes
do-udp: yes
do-not-query-localhost: no
verbosity: 0
log-time-ascii: no
log-servfail: no
client-subnet-always-forward: yes
aggressive-nsec: yes
harden-dnssec-stripped: yes # if 'no', disable dnssec
harden-short-bufsize: yes
harden-large-queries: yes
harden-glue: yes
harden-below-nxdomain: yes
harden-referral-path: yes
use-caps-for-id: yes
qname-minimisation: yes
qname-minimisation-strict: no #some domain might be failed to request
so-reuseport: yes
minimal-responses: yes
deny-any: yes
rrset-roundrobin: yes
prefetch: yes
prefetch-key: yes
serve-expired: yes
serve-expired-ttl: 86400 # max 1 day
#serve-expired-ttl-reset: no
hide-identity: yes
hide-version: yes
hide-trustanchor: yes
edns-tcp-keepalive: yes
#edns-tcp-keepalive-timeout: 12000 # 2min
#tcp-idle-timeout: 30000 # 30 sec
num-threads: 1
msg-cache-slabs: 1
rrset-cache-slabs: 1
key-cache-slabs: 1
infra-cache-slabs: 1
msg-cache-size: 54m # default 4m
rrset-cache-size: 108m # rrset=msg*2 # default 4m
key-cache-size: 54m # default 4m
neg-cache-size: 27m # default 1m
infra-cache-numhosts: 50000
# dnscrypt-shared-secret-cache-size: 13m # default 4m
# dnscrypt-nonce-cache-size: 13m # default 4m
outgoing-range: 4096
incoming-num-tcp: 100
outgoing-num-tcp: 100
neg-cache-size: 25m
unwanted-reply-threshold: 10000000
cache-min-ttl: 90
cache-max-ttl: 900
infra-host-ttl: 3600
val-bogus-ttl: 120
cache-max-negative-ttl: 10 # Time to live maximum for negative responses, these have a SOA in the authority section that is limited in time. Default is 3600. This applies to nxdomain and nodata answers.
infra-cache-numhosts: 50000
auto-trust-anchor-file: "/var/lib/unbound/root.key"
# Refence: https://github.com/publicarray/dns-resolver-infra/blob/master/unbound/unbound.conf
local-zone: example. static
local-zone: local. static
local-zone: i2p. static
local-zone: home. static
local-zone: zghjccbob3n0. static
local-zone: dhcp. static
local-zone: lan. static
local-zone: localdomain. static
local-zone: ip. static
local-zone: internal. static
local-zone: openstacklocal. static
local-zone: dlink. static
local-zone: gateway. static
local-zone: corp. static
local-zone: workgroup. static
local-zone: belkin. static
local-zone: davolink. static
local-zone: z. static
local-zone: domain. static
local-zone: virtualmin. static
private-address: 0.0.0.0/8 # Should not be on the Internet (only valid as source address)
private-address: 10.0.0.0/8 # Private networks
private-address: 127.0.0.0/8 # Loopback, spam-blocklists (RBL) (https://www.dnsbl.info/) e.g. "dig +short 0.0.0.0.zen.spamhaus.org" will stop working (https://www.spamhaus.org/zen/, https://www.spamhaus.org/faq/section/DNSBL%20Usage#202)
private-address: 169.254.0.0/16 # link-local (networks without DHCP)
private-address: 172.16.0.0/12 # Private networks
private-address: 192.168.0.0/16 # Private networks
private-address: 255.255.255.255/32 # Broadcast destination
## IPv6
private-address: ::/128 # Unspecified addresses (only valid as source address)
private-address: ::1/128 # Loopback
private-address: 2001:db8::/32 # Documentation addresses used for documentation purposes such as user manuals, RFCs, etc. (RFC3849)
# private-address: ::ffff:0:0/96 # IPv4-mapped IPv6 addresses (depreciated and should not be on the public internet) (blocks potentially valid addresses / gives wrong result from DNS Benchmark)
private-address: fe80::/10 # IP address autoconfiguration (link-local unicast, Private network)
private-address: fc00::/7 # Unique Local Addresses (Private network)
# private-address: fec0::/10 # Depreciated site networks
# private-address: 2002::/16 # 6to4 (deprecated)
# private-address: 64:ff9b::/96 # 6to4 "Well-Known" Prefix
# private-address: 2001::/32 # Teredo
private-address: 2001:10::/28 # ORCHID
# private-address: ff00::/8 # Multicast
## Selected IPv4 mapped addresses from IPv4 above (fixes potentially wrong result from DNS Benchmark if blocking all of ::ffff:0:0/96)
private-address: ::ffff:0.0.0.0/120 # Private IPv4-mapped addresses
private-address: ::ffff:10.0.0.0/120 # Private IPv4-mapped addresses
private-address: ::ffff:127.0.0.1/120 # Loopback IPv4-mapped addresses, spam-blocklists (RBL)
private-address: ::ffff:169.254.0.0/112 # Link-local IPv4-mapped addresses
private-address: ::ffff:172.16.0.0/116 # Private IPv4-mapped addresses
private-address: ::ffff:192.168.0.0/112 # Private IPv4-mapped addresses
private-address: ::ffff:255.255.255.255/128 # Broadcast IPv4-mapped addresses

468
server-conf/unbound/unbound.conf.d/opennic.root.conf Executable file
View File

@@ -0,0 +1,468 @@
server:
domain-insecure: "opennic.glue"
auth-zone:
name: "opennic.glue"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/opennic.glue"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "dns.opennic.glue"
auth-zone:
name: "dns.opennic.glue"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/dns.opennic.glue"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "micro"
auth-zone:
name: "micro"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/micro"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "ing"
auth-zone:
name: "ing"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/ing"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "glue"
auth-zone:
name: "glue"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/glue"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "bbs"
auth-zone:
name: "bbs"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/bbs"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "bit"
auth-zone:
name: "bit"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/bit"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "chan"
auth-zone:
name: "chan"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/chan"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "dyn"
auth-zone:
name: "dyn"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/dyn"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "free"
auth-zone:
name: "free"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/free"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "fur"
auth-zone:
name: "fur"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/fur"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "geek"
auth-zone:
name: "geek"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/geek"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "gopher"
auth-zone:
name: "gopher"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/gopher"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "indy"
auth-zone:
name: "indy"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/indy"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "libre"
auth-zone:
name: "libre"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/libre"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "neo"
auth-zone:
name: "neo"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/neo"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "null"
auth-zone:
name: "null"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/null"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "oss"
auth-zone:
name: "oss"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/oss"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "oz"
auth-zone:
name: "oz"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/oz"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "parody"
auth-zone:
name: "parody"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/parody"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "pirate"
auth-zone:
name: "pirate"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/pirate"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "o"
auth-zone:
name: "o"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/o"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "lib"
auth-zone:
name: "lib"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/lib"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "coin"
auth-zone:
name: "coin"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/coin"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "emc"
auth-zone:
name: "emc"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/emc"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "bazar"
auth-zone:
name: "bazar"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/bazar"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "cyb"
auth-zone:
name: "cyb"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/cyb"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "ku"
auth-zone:
name: "ku"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/ku"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "te"
auth-zone:
name: "te"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/te"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "uu"
auth-zone:
name: "uu"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/uu"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53
server:
domain-insecure: "ti"
auth-zone:
name: "ti"
for-downstream: no
for-upstream: yes
fallback-enabled: no
zonefile: "opennic.zone.d/ti"
master: 2a02:2770:15:0:21a:4aff:fefe:55e5
master: 84.22.107.90
master: 185.121.177.177
master: 2a05:dfc7:5353::53

91
website/.gitignore vendored Executable file
View File

@@ -0,0 +1,91 @@
# Created by https://www.gitignore.io/api/node
# Edit at https://www.gitignore.io/?templates=node
### Node ###
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
lerna-debug.log*
# Diagnostic reports (https://nodejs.org/api/report.html)
report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
# Runtime data
pids
*.pid
*.seed
*.pid.lock
# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov
# Coverage directory used by tools like istanbul
coverage
# nyc test coverage
.nyc_output
# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
.grunt
# Bower dependency directory (https://bower.io/)
bower_components
# node-waf configuration
.lock-wscript
# Compiled binary addons (https://nodejs.org/api/addons.html)
build/Release
# Dependency directories
node_modules/
jspm_packages/
# TypeScript v1 declaration files
typings/
# Optional npm cache directory
.npm
# Optional eslint cache
.eslintcache
# Optional REPL history
.node_repl_history
# Output of 'npm pack'
*.tgz
# Yarn Integrity file
.yarn-integrity
# dotenv environment variables file
.env
.env.test
# parcel-bundler cache (https://parceljs.org/)
.cache
# next.js build output
.next
# nuxt.js build output
.nuxt
# vuepress build output
.vuepress/dist
# Serverless directories
.serverless/
# FuseBox cache
.fusebox/
# DynamoDB Local files
.dynamodb/
# End of https://www.gitignore.io/api/node

88
website/api/index.js Executable file
View File

@@ -0,0 +1,88 @@
const port = process.env.PORT || 3000
const express = require('express')
const AbortController = require('abort-controller')
const { Resolver } = require('dns').promises
const resolver = new Resolver()
var app = express()
app.use(express.json())
// const cors = require("cors");
// app.use(
// cors({
// allowedHeaders: ["sessionId", "Content-Type"],
// exposedHeaders: ["sessionId"],
// origin: "*",
// methods: "GET,HEAD,PUT,PATCH,POST,DELETE",
// preflightContinue: false
// })
// );
app.get('/api', function (req, res) {
res.json({
hello: 'world'
})
})
resolver.setServers(['159.69.198.101', '108.61.201.119'])
app.get('/api/:domainName', function (req, res) {
let controller = new AbortController()
let signal = controller.signal
let timeout = 3000
function myTimer () {
timeout = setTimeout(() => {
controller.abort()
res.json({
status: 'timeout'
})
}, timeout)
}
myTimer()
resolver
.resolve(`${req.params.domainName}`)
.then(addresses => {
// console.log(addresses)
clearTimeout(timeout)
let ip = addresses[0].toString()
if ((ip == '0.0.0.0' && ip != null) || undefined) {
res.json({
status: 'failed'
})
} else {
res.json({
status: 'ok'
})
}
})
.catch(error => {
if (
error.code === 'NOTFOUND' ||
error.code === 'SERVFAIL' ||
error.code === 'REFUSED'
) {
clearTimeout(timeout)
res.json({
status: 'failed'
})
} else if (error.code === 'TIMEOUT') {
clearTimeout(timeout)
res.json({
status: 'timeout'
})
} else if (
error.code === 'ENOTFOUND' ||
error.code === 'NXDOMAIN' ||
error.code === 'NOTIMP'
) {
clearTimeout(timeout)
res.json({
status: 'failed'
})
}
})
})
app.listen(port, err => {
if (err) throw err
console.log(`Server ready on port ${port}`)
})

385
website/api/package-lock.json generated Executable file
View File

@@ -0,0 +1,385 @@
{
"name": "blahdns-api",
"version": "0.0.6",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
"abort-controller": {
"version": "2.0.3",
"resolved": "https://registry.npmjs.org/abort-controller/-/abort-controller-2.0.3.tgz",
"integrity": "sha512-EPSq5wr2aFyAZ1PejJB32IX9Qd4Nwus+adnp7STYFM5/23nLPBazqZ1oor6ZqbH+4otaaGXTlC8RN5hq3C8w9Q==",
"requires": {
"event-target-shim": "^5.0.0"
}
},
"accepts": {
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.5.tgz",
"integrity": "sha1-63d99gEXI6OxTopywIBcjoZ0a9I=",
"requires": {
"mime-types": "~2.1.18",
"negotiator": "0.6.1"
}
},
"array-flatten": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz",
"integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI="
},
"body-parser": {
"version": "1.18.3",
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.18.3.tgz",
"integrity": "sha1-WykhmP/dVTs6DyDe0FkrlWlVyLQ=",
"requires": {
"bytes": "3.0.0",
"content-type": "~1.0.4",
"debug": "2.6.9",
"depd": "~1.1.2",
"http-errors": "~1.6.3",
"iconv-lite": "0.4.23",
"on-finished": "~2.3.0",
"qs": "6.5.2",
"raw-body": "2.3.3",
"type-is": "~1.6.16"
}
},
"bytes": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/bytes/-/bytes-3.0.0.tgz",
"integrity": "sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg="
},
"content-disposition": {
"version": "0.5.2",
"resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.2.tgz",
"integrity": "sha1-DPaLud318r55YcOoUXjLhdunjLQ="
},
"content-type": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz",
"integrity": "sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA=="
},
"cookie": {
"version": "0.3.1",
"resolved": "https://registry.npmjs.org/cookie/-/cookie-0.3.1.tgz",
"integrity": "sha1-5+Ch+e9DtMi6klxcWpboBtFoc7s="
},
"cookie-signature": {
"version": "1.0.6",
"resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
"integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw="
},
"cors": {
"version": "2.8.5",
"resolved": "https://registry.npmjs.org/cors/-/cors-2.8.5.tgz",
"integrity": "sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==",
"requires": {
"object-assign": "^4",
"vary": "^1"
}
},
"debug": {
"version": "2.6.9",
"resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
"integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
"requires": {
"ms": "2.0.0"
}
},
"depd": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz",
"integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak="
},
"destroy": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/destroy/-/destroy-1.0.4.tgz",
"integrity": "sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA="
},
"ee-first": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz",
"integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0="
},
"encodeurl": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz",
"integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k="
},
"escape-html": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz",
"integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg="
},
"etag": {
"version": "1.8.1",
"resolved": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz",
"integrity": "sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc="
},
"event-target-shim": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/event-target-shim/-/event-target-shim-5.0.1.tgz",
"integrity": "sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ=="
},
"express": {
"version": "4.16.4",
"resolved": "https://registry.npmjs.org/express/-/express-4.16.4.tgz",
"integrity": "sha512-j12Uuyb4FMrd/qQAm6uCHAkPtO8FDTRJZBDd5D2KOL2eLaz1yUNdUB/NOIyq0iU4q4cFarsUCrnFDPBcnksuOg==",
"requires": {
"accepts": "~1.3.5",
"array-flatten": "1.1.1",
"body-parser": "1.18.3",
"content-disposition": "0.5.2",
"content-type": "~1.0.4",
"cookie": "0.3.1",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "~1.1.2",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"etag": "~1.8.1",
"finalhandler": "1.1.1",
"fresh": "0.5.2",
"merge-descriptors": "1.0.1",
"methods": "~1.1.2",
"on-finished": "~2.3.0",
"parseurl": "~1.3.2",
"path-to-regexp": "0.1.7",
"proxy-addr": "~2.0.4",
"qs": "6.5.2",
"range-parser": "~1.2.0",
"safe-buffer": "5.1.2",
"send": "0.16.2",
"serve-static": "1.13.2",
"setprototypeof": "1.1.0",
"statuses": "~1.4.0",
"type-is": "~1.6.16",
"utils-merge": "1.0.1",
"vary": "~1.1.2"
}
},
"finalhandler": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.1.tgz",
"integrity": "sha512-Y1GUDo39ez4aHAw7MysnUD5JzYX+WaIj8I57kO3aEPT1fFRL4sr7mjei97FgnwhAyyzRYmQZaTHb2+9uZ1dPtg==",
"requires": {
"debug": "2.6.9",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"on-finished": "~2.3.0",
"parseurl": "~1.3.2",
"statuses": "~1.4.0",
"unpipe": "~1.0.0"
}
},
"forwarded": {
"version": "0.1.2",
"resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz",
"integrity": "sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ="
},
"fresh": {
"version": "0.5.2",
"resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz",
"integrity": "sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac="
},
"http-errors": {
"version": "1.6.3",
"resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz",
"integrity": "sha1-i1VoC7S+KDoLW/TqLjhYC+HZMg0=",
"requires": {
"depd": "~1.1.2",
"inherits": "2.0.3",
"setprototypeof": "1.1.0",
"statuses": ">= 1.4.0 < 2"
}
},
"iconv-lite": {
"version": "0.4.23",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.23.tgz",
"integrity": "sha512-neyTUVFtahjf0mB3dZT77u+8O0QB89jFdnBkd5P1JgYPbPaia3gXXOVL2fq8VyU2gMMD7SaN7QukTB/pmXYvDA==",
"requires": {
"safer-buffer": ">= 2.1.2 < 3"
}
},
"inherits": {
"version": "2.0.3",
"resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz",
"integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4="
},
"ipaddr.js": {
"version": "1.8.0",
"resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.8.0.tgz",
"integrity": "sha1-6qM9bd16zo9/b+DJygRA5wZzix4="
},
"media-typer": {
"version": "0.3.0",
"resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz",
"integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g="
},
"merge-descriptors": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz",
"integrity": "sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E="
},
"methods": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz",
"integrity": "sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4="
},
"mime": {
"version": "1.4.1",
"resolved": "https://registry.npmjs.org/mime/-/mime-1.4.1.tgz",
"integrity": "sha512-KI1+qOZu5DcW6wayYHSzR/tXKCDC5Om4s1z2QJjDULzLcmf3DvzS7oluY4HCTrc+9FiKmWUgeNLg7W3uIQvxtQ=="
},
"mime-db": {
"version": "1.38.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.38.0.tgz",
"integrity": "sha512-bqVioMFFzc2awcdJZIzR3HjZFX20QhilVS7hytkKrv7xFAn8bM1gzc/FOX2awLISvWe0PV8ptFKcon+wZ5qYkg=="
},
"mime-types": {
"version": "2.1.22",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.22.tgz",
"integrity": "sha512-aGl6TZGnhm/li6F7yx82bJiBZwgiEa4Hf6CNr8YO+r5UHr53tSTYZb102zyU50DOWWKeOv0uQLRL0/9EiKWCog==",
"requires": {
"mime-db": "~1.38.0"
}
},
"ms": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
"integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
},
"negotiator": {
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz",
"integrity": "sha1-KzJxhOiZIQEXeyhWP7XnECrNDKk="
},
"object-assign": {
"version": "4.1.1",
"resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
"integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM="
},
"on-finished": {
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz",
"integrity": "sha1-IPEzZIGwg811M3mSoWlxqi2QaUc=",
"requires": {
"ee-first": "1.1.1"
}
},
"parseurl": {
"version": "1.3.2",
"resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.2.tgz",
"integrity": "sha1-/CidTtiZMRlGDBViUyYs3I3mW/M="
},
"path-to-regexp": {
"version": "0.1.7",
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
"integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w="
},
"proxy-addr": {
"version": "2.0.4",
"resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.4.tgz",
"integrity": "sha512-5erio2h9jp5CHGwcybmxmVqHmnCBZeewlfJ0pex+UW7Qny7OOZXTtH56TGNyBizkgiOwhJtMKrVzDTeKcySZwA==",
"requires": {
"forwarded": "~0.1.2",
"ipaddr.js": "1.8.0"
}
},
"qs": {
"version": "6.5.2",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz",
"integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA=="
},
"range-parser": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.0.tgz",
"integrity": "sha1-9JvmtIeJTdxA3MlKMi9hEJLgDV4="
},
"raw-body": {
"version": "2.3.3",
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.3.3.tgz",
"integrity": "sha512-9esiElv1BrZoI3rCDuOuKCBRbuApGGaDPQfjSflGxdy4oyzqghxu6klEkkVIvBje+FF0BX9coEv8KqW6X/7njw==",
"requires": {
"bytes": "3.0.0",
"http-errors": "1.6.3",
"iconv-lite": "0.4.23",
"unpipe": "1.0.0"
}
},
"safe-buffer": {
"version": "5.1.2",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
"integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
},
"safer-buffer": {
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
},
"send": {
"version": "0.16.2",
"resolved": "https://registry.npmjs.org/send/-/send-0.16.2.tgz",
"integrity": "sha512-E64YFPUssFHEFBvpbbjr44NCLtI1AohxQ8ZSiJjQLskAdKuriYEP6VyGEsRDH8ScozGpkaX1BGvhanqCwkcEZw==",
"requires": {
"debug": "2.6.9",
"depd": "~1.1.2",
"destroy": "~1.0.4",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"etag": "~1.8.1",
"fresh": "0.5.2",
"http-errors": "~1.6.2",
"mime": "1.4.1",
"ms": "2.0.0",
"on-finished": "~2.3.0",
"range-parser": "~1.2.0",
"statuses": "~1.4.0"
}
},
"serve-static": {
"version": "1.13.2",
"resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.13.2.tgz",
"integrity": "sha512-p/tdJrO4U387R9oMjb1oj7qSMaMfmOyd4j9hOFoxZe2baQszgHcSWjuya/CiT5kgZZKRudHNOA0pYXOl8rQ5nw==",
"requires": {
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"parseurl": "~1.3.2",
"send": "0.16.2"
}
},
"setprototypeof": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.0.tgz",
"integrity": "sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ=="
},
"statuses": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/statuses/-/statuses-1.4.0.tgz",
"integrity": "sha512-zhSCtt8v2NDrRlPQpCNtw/heZLtfUDqxBM1udqikb/Hbk52LK4nQSwr10u77iopCW5LsyHpuXS0GnEc48mLeew=="
},
"type-is": {
"version": "1.6.16",
"resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.16.tgz",
"integrity": "sha512-HRkVv/5qY2G6I8iab9cI7v1bOIdhm94dVjQCPFElW9W+3GeDOSHmy2EBYe4VTApuzolPcmgFTN3ftVJRKR2J9Q==",
"requires": {
"media-typer": "0.3.0",
"mime-types": "~2.1.18"
}
},
"unpipe": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",
"integrity": "sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw="
},
"utils-merge": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz",
"integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM="
},
"vary": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
"integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw="
}
}
}

29
website/api/package.json Executable file
View File

@@ -0,0 +1,29 @@
{
"name": "blahdns-api",
"version": "0.0.6",
"description": "blahdns api check domain status",
"main": "index.js",
"scripts": {
"start": "node index.js",
"dev": "nodemon index.js",
"test": "echo \"Error: no test specified\" && exit 1"
},
"repository": {
"type": "git",
"url": "git+https://github.com/ookanzheng/blahdns.git"
},
"keywords": [
"blahdns"
],
"author": "ookangzheng",
"license": "MIT",
"bugs": {
"url": "https://github.com/ookanzheng/blahdns/issues"
},
"homepage": "https://github.com/ookanzheng/blahdns#readme",
"dependencies": {
"abort-controller": "^2.0.3",
"cors": "^2.8.5",
"express": "^4.16.4"
}
}

123
website/black.css Executable file
View File

@@ -0,0 +1,123 @@
.bmc-button img {
width: 27px !important;
margin-bottom: 1px !important;
box-shadow: none !important;
border: none !important;
vertical-align: middle !important;
}
.bmc-button {
line-height: 36px !important;
height:37px !important;
text-decoration: none !important;
display:inline-flex !important;
color:#ffffff !important;
background-color:#FF813F !important;
border-radius: 3px !important;
border: 1px solid transparent !important;
padding: 0px 9px !important;
font-size: 17px !important;
letter-spacing:-0.08px !important;
;
box-shadow: 0px 1px 2px rgba(190, 190, 190, 0.5) !important;
-webkit-box-shadow: 0px 1px 2px 2px rgba(190, 190, 190, 0.5) !important;
margin: 0 auto !important;
font-family:'Lato', sans-serif !important;
-webkit-box-sizing: border-box !important;
box-sizing: border-box !important;
-o-transition: 0.3s all linear !important;
-webkit-transition: 0.3s all linear !important;
-moz-transition: 0.3s all linear !important;
-ms-transition: 0.3s all linear !important;
transition: 0.3s all linear !important;
}
.bmc-button:hover, .bmc-button:active, .bmc-button:focus {
-webkit-box-shadow: 0px 1px 2px 2px rgba(190, 190, 190, 0.5) !important;
text-decoration: none !important;
box-shadow: 0px 1px 2px 2px rgba(190, 190, 190, 0.5) !important;
opacity: 0.85 !important;
color:#ffffff !important;
}
.myPadding {
padding-top:1%;
padding-left:10%;
padding-right:10%;
max-width: 1920px;
}
textarea {
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
width: 100%;
}
.w3-theme-l5 {
color:#000 !important;
background-color:#f0f0f0 !important
}
.w3-theme-l4 {
color:#000 !important;
background-color:#cccccc !important
}
.w3-theme-l3 {
color:#fff !important;
background-color:#999999 !important
}
.w3-theme-l2 {
color:#fff !important;
background-color:#666666 !important
}
.w3-theme-l1 {
color:#fff !important;
background-color:#333333 !important
}
.w3-theme-d1 {
color:#fff !important;
background-color:#000000 !important
}
.w3-theme-d2 {
color:#fff !important;
background-color:#000000 !important
}
.w3-theme-d3 {
color:#fff !important;
background-color:#000000 !important
}
.w3-theme-d4 {
color:#fff !important;
background-color:#000000 !important
}
.w3-theme-d5 {
color:#fff !important;
background-color:#000000 !important
}
.w3-theme-light {
color:#000 !important;
background-color:#f0f0f0 !important
}
.w3-theme-dark {
color:#fff !important;
background-color:#000000 !important
}
.w3-theme-action {
color:#fff !important;
background-color:#000000 !important
}
.w3-theme {
color:#fff !important;
background-color:#000000 !important
}
.w3-text-theme {
color:#000000 !important
}
.w3-border-theme {
border-color:#000000 !important
}
.w3-hover-theme:hover {
color:#fff !important;
background-color:#000000 !important
}
.w3-hover-text-theme:hover {
color:#000000 !important
}
.w3-hover-border-theme:hover {
border-color:#000000 !important
}

BIN
website/blahdns-test-using-service.gif Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.3 MiB

BIN
website/favicon.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.6 KiB

BIN
website/img-ad.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

BIN
website/img-free.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 19 KiB

BIN
website/img-privacy.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

490
website/index.html Executable file
View File

@@ -0,0 +1,490 @@
<!DOCTYPE html>
<html>
<title>Blahdns -- Dns service support DoH, DoT, DNSCrypt </title>
<meta charset="UTF-8">
<meta name="keywords" content="small hobby adblocks DNS resolver with dot doh dnscrpyt">
<meta name="description" content="DNS, Adblock, dnscrypt, doh, dot, dns-over-https, dns-over-tls, no-logs, dnssec">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="author" content="ookangzheng">
<!--<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">-->
<!--<meta http-equiv="Content-Security-Policy" content="default-src 'self' *.blahdns.com">-->
<link rel="stylesheet" href="https://cdn.blahdns.com/w3.css">
<link rel="stylesheet" href="https://cdn.blahdns.com/black.css">
<body>
<!-- Header -->
<header class="w3-container w3-sand w3-padding" style="height:90%" id="myHeader">
<div class=" w3-center">
<img src="https://cdn.blahdns.com/logo.png" style="max-width: 90%; margin-top: 15%; margin-bottom:10%;" />
<div class="w3-row w3-black w3-center w3-padding">
<h4 class="w3-text-white w3-center ">
A small hobby ads block dns project with doh, dot, dnscrypt support.</h4>
</div>
<p id="status" class="w3-margin-top"> You are not using Blahdns !</p>
</div>
</header>
<div class="w3-row myPadding">
<div class="w3-row-padding w3-center">
<!--Announcements area-->
<div class="w3-indigo w3-center">
<h3>Announcements</h3>
</div>
No logs | No EDNS Client-Subnet | OpenNIC TLDs | DNSSEC ready | Filtered some ads, trackers, malware
<ul class="w3-left-align">
<li class="w3-text-red">DNS-over-TLS, DNS-over-HTTPS on PORT 443 will required strict SNI, without SNI will drop by default. </li>
<li class="w3-text-red">If you are developer, this DNS will block analytics, crashlytics, admob, baidu stats, Pls be aware. </li>
<li class="w3-text-purple"> Start from Jan 1 2019, our serivce only support DoT, DoH, DNScryptv2 </li>
<li><a href="https://stats.blahdns.com" target="_blank"><strong>Server status</strong></a></li>
<li>If you encounter problem, please submit it on <a href="https://github.com/ookangzheng/blahdns" target="_blank">Github</a></li>
</ul>
</div>
<div class="w3-container">
<div class="w3-center">
<h2 style="text-shadow:1px 1px 0 #444">Our servers</h2>
</div>
</div>
<div class="w3-row-padding">
<!-- Switzerland server -->
<div class="w3-third">
<div class="w3-card white">
<div class="w3-container w3-indigo">
<h3>Switzerland 🇨🇭</h3>
</div>
<ul class="w3-ul w3-border-top">
<li>
<h3>DNS-over-HTTPS</h3>
<textarea readonly rows="1" cols="50" maxlength="50">https://doh-ch.blahdns.com/dns-query</textarea>
<p>IPv6-stamp:</p>
<textarea readonly rows="3" cols="50" maxlength="50">sdns://AgMAAAAAAAAAIFsyYTBhOmU1YzA6MjoyOjA6YzhmZjpmZTY4OmJmNDhdABJkb2gtY2guYmxhaGRucy5jb20KL2Rucy1xdWVyeQ</textarea>
<h3>DNS-over-TLS</h3>
<p>IP: <br>
<textarea readonly rows="2" cols="20" maxlength="50">2a0a:e5c0:2:2:0:c8ff:fe68:bf48</textarea>
<p>tls_auth_name: <br>
<textarea readonly rows="1" cols="50" maxlength="50">dot-ch.blahdns.com</textarea>
port: 853
</p>
<h3>DNSCrypt v2</h3>
port: 8443
<p>IPv6 - DNSStamp: <br>
<textarea readonly rows="4" cols="50" maxlength="50">sdns://AQMAAAAAAAAAJVsyYTBhOmU1YzA6MjoyOjA6YzhmZjpmZTY4OmJmNDhdOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t</textarea>
</p>
</li>
</ul>
</div>
</div>
<!-- Japan Server-->
<div class="w3-third">
<div class="w3-card white">
<div class="w3-container w3-indigo">
<h3>Japan🇯🇵</h3>
</div>
<ul class="w3-ul w3-border-top">
<li>
<h3>DNS-over-HTTPS</h3>
<textarea readonly rows="1" cols="50" maxlength="50">https://doh-jp.blahdns.com/dns-query
</textarea>
<p>IPv4-stamp:</p>
<textarea readonly rows="3" cols="50" maxlength="50">sdns://AgMAAAAAAAAADjEwOC42MS4yMDEuMTE5ABJkb2gtanAuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ
</textarea>
<p>IPv6-stamp:</p>
<textarea readonly rows="3" cols="50" maxlength="50">sdns://AgMAAAAAAAAAKVsyMDAxOjE5ZjA6NzAwMToxZGVkOjU0MDA6MDFmZjpmZTkwOjk0NWJdABJkb2gtanAuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ
</textarea>
<h3>DNS-over-TLS</h3>
<p>IP: <br>
<textarea readonly rows="2" cols="20" maxlength="50">108.61.201.119
2001:19f0:7001:1ded:5400:01ff:fe90:945b</textarea>
<p>tls_auth_name: <br>
<textarea readonly rows="1" cols="50" maxlength="50">dot-jp.blahdns.com</textarea>
port: 853, 443 (Strict SNI, without SNI will drop)
</p>
<h3>DNSCrypt v2</h3>
port: 8443
<p>IPv4 - DNSStamp: <br>
<textarea readonly rows="3" cols="50" maxlength="50">sdns://AQMAAAAAAAAAEzEwOC42MS4yMDEuMTE5Ojg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t</textarea>
</p>
<p>IPv6 - DNSStamp: <br>
<textarea readonly rows="4" cols="50" maxlength="50">sdns://AQMAAAAAAAAALlsyMDAxOjE5ZjA6NzAwMToxZGVkOjU0MDA6MDFmZjpmZTkwOjk0NWJdOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t</textarea>
</p>
</li>
</ul>
</div>
</div>
<!-- Germany Server -->
<div class="w3-third">
<div class="w3-card white">
<div class="w3-container w3-theme">
<h3>Germany🇩🇪</h3>
</div>
<ul class="w3-ul w3-border-top">
<li>
<h3>DNS-over-HTTPS</h3>
<textarea readonly rows="1" cols="50" maxlength="50">https://doh-de.blahdns.com/dns-query
</textarea>
<p>IPv4-stamp:</p>
<textarea readonly rows="3" cols="50" maxlength="50">sdns://AgMAAAAAAAAADjE1OS42OS4xOTguMTAxABJkb2gtZGUuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ
</textarea>
<p>IPv6-stamp:</p>
<textarea readonly rows="3" cols="50" maxlength="50">sdns://AgMAAAAAAAAAF1syYTAxOjRmODoxYzFjOjZiNGI6OjFdABJkb2gtZGUuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ
</textarea>
<h3>DNS-over-TLS</h3>
<p>IP: <br>
<textarea readonly rows="2" cols="20" maxlength="50">159.69.198.101
2a01:4f8:1c1c:6b4b::1</textarea>
<p>
tls_auth_name:<br>
<textarea readonly rows="1" cols="50" maxlength="50">dot-de.blahdns.com</textarea>
port: 853, 443 (Strict SNI, without SNI will drop)
</p>
<h3>DNSCrypt v2</h3>
port: 8443
<p>IPv4 - DNSStamp: <br>
<textarea readonly rows="3" cols="50" maxlength="50">sdns://AQMAAAAAAAAAEzE1OS42OS4xOTguMTAxOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t</textarea></p>
<p>IPv6 - DNSStamp: <br>
<textarea readonly rows="4" cols="50" maxlength="50">sdns://AQMAAAAAAAAAHFsyYTAxOjRmODoxYzFjOjZiNGI6OjFdOjg0NDMgyJjbSS4IgTY_2KH3NVGG0DNIgBPzLEqf8r00nAbcUxQbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t</textarea>
</p>
</li>
</ul>
</div>
</div>
</div>
<div class="w3-container w3-center">
<h2 class="w3-center" style="text-shadow:1px 1px 0 #444">News</h2>
<button onclick="myAccFunc('Demo000')" class="w3-padding-16 w3-button w3-block w3-left-align w3-purple">Check
Domain Status</button><a href="#check"></a>
<div id="Demo000" class="w3-hide">
<div class="w3-left-align w3-margin-top">
<label class="w3-text-blue">
<b>Domain Name</b>
</label>
<div class="w3-row">
<div class="w3-col m5">
<input class="w3-input w3-border" placeholder="...domainName" type="text" id="domainName">
</div>
<div class="w3-col m4 w3-margin-left">
<button class="w3-btn w3-blue" id="btnCheck">Check</button>
</div>
</div>
<div class="w3-row">
<p id="returnStatus">
</p>
</div>
</div>
</div>
<button onclick="myAccFunc('Demo00')" class="w3-padding-16 w3-button w3-block w3-left-align w3-sand">DNS client
</button>
<div id="Demo00" class="w3-hide">
<div class="w3-left-align">
<div class="w3-row">
<div class="w3-col m4 l3">
<h3>DNSCrypt v2</h3>
<ul>
<li><a href="https://simplednscrypt.org" target="_blank">Simple DNSCrypt (Windows)</a></li>
<li><a href="https://github.com/jedisct1/dnscrypt-proxy" target="_blank">dnscrypt-proxy
(macOS, Linux)</a></li>
<li><a href="https://itunes.apple.com/app/dnscloak-secure-dns-client/id1452162351" target="_blank">DNSCloak
(iOS)</a></li>
</ul>
</div>
<div class="w3-col m4 l3">
<h3>DNS-over-TLS</h3>
<ul>
<li><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby" target="_blank">Stubby (Linux, Windows, Mac)</a></li>
<li><a href="https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen" target="_blank">Nebulo (DoT, DoH) -- Android</a></li>
<li><a href="https://www.nlnetlabs.nl/projects/unbound/about/" target="_blank">Unbound</a></li>
</ul>
</div>
<div class="w3-col m4 l3">
<h3>DNS-over-HTTPS</h3>
<ul>
<li><a href="https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen" target="_blank">Nebulo (DoT, DoH) -- Android</a></li>
<li><a href="https://simplednscrypt.org/" target="_blank">Simple DNSCrypt (Windows)</a></li>
<li><a href="https://github.com/jedisct1/dnscrypt-proxy" target="_blank">dnscrypt-proxy
(macOS, Linux)</a></li>
<li><a href="https://itunes.apple.com/app/dnscloak-secure-dns-client/id1452162351" target="_blank">DNSCloak
(iOS)</a></li>
<li><a href="https://github.com/Jigsaw-Code/Intra" target="_blank">Intra (Android)</a></li>
<li><a href="https://www.mozilla.org/en-US/firefox/nightly/all/" target="_blank">Mozilla
Firefox (v66 above)</a></li>
</ul>
</div>
</div>
</div>
</div>
<button onclick="myAccFunc('Demo0')" class="w3-padding-16 w3-button w3-block w3-left-align w3-blue">More tools
</button>
<div id="Demo0" class="w3-hide">
<div class="w3-container w3-white">
<p class="w3-left-align">
DNSSEC validate <br>
1. DNSSEC validation: <a href="https://dnssec.vs.uni-due.de/" target="_blank"> Go</a> <br>
2. Internet.nl: <a href="https://internet.nl/" target="_blank">Go</a> <br>
3. DNSSEC resolver algorithm test: <a href="https://rootcanary.org/test.html" target="_blank">Go</a> <br>
4. Cloudflare tools: <a href="https://www.cloudflare.com/cdn-cgi/tracepoof" target="_blank">Go</a> | <a href="https://cloudflare-dns.com/help/">Go</a> <br>
5. Browserleaks test: <a href="https://browserleaks.com/ip">Go</a> <br>
6. Check my DNS: <a href="//cmdns.dev.dns-oarc.net/" target="_blank">Go</a><br>
7. DNS randomness: <a href="//www.dns-oarc.net/oarc/services/dnsentropy" target="_blank">Go</a><br>
8. DNS Spoofability test: <a href="https://www.grc.com/dns/dns.htm" target="_blank">Go</a><br>
9. DNSTrace: <a href="https://dnsdumpster.com/" target="_blank">Go</a><br>
10. Threats search: <a href="https://www.threatcrowd.org/">Go</a> <br>
11. Whoer.net <a href="https://whoer.net/" >Go</a> <br>
12. EDNS test <a href="https://ednscomp.isc.org/ednscomp/">Go</a>
</p>
</div>
</div>
<button onclick="myAccFunc('Demo1')" class="w3-padding-16 w3-button w3-block w3-left-align w3-red">What is Dns
over https (DoH)</button>
<div id="Demo1" class="w3-hide">
<div class="w3-container w3-white">
<p class="w3-left-align"> DNS over HTTPs (DoH)<br>
DNS over HTTPS is a new protocol designed to encrypt and secure DNS traffic over HTTPs.
<br>
It prevents DNS hijacking and ISPs from sniffing your traffic.
<br>
You can use will Infra on Android Phone, Mozilla firefox nightly, Chrome coming soon.
<br>
DNSCrypt v2 client does support DoH, see dnscrypt <a href="https://github.com/ookangzheng/blahdns/blob/master/client-conf/dnscrypt/dnscrypt-proxy.toml"><strong>configuration
example</strong></a> on Windows, Mac, Ios (DNSCloak)
</p>
</div>
</div>
<button onclick="myAccFunc('Demo2')" class="w3-padding-16 w3-yellow w3-button w3-block w3-left-align">What is
Dns-over-TLS</button>
<div id="Demo2" class="w3-hide">
<div class="w3-container w3-white">
<p class="w3-left-align">
Encrypted DNS - DNS over TLS <br>
DNS over TLS support is available on all our services through port 853 (standard port, some service may
support 443). <br>
DNS over TLS encrypts and authenticates all your DNS traffic to protect your privacy and prevent DNS
hijacking and sniffing.<br>
Client software: <a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a> |
<a href="https://www.nlnetlabs.nl/projects/unbound/about/"> Unbound </a>
<br>
<strong>How to get SPKI </strong>
<br>
Be sure you already install package <i>apt install gnutls-bin</i> <br>
<code>
gnutls-cli --print-cert -p 853 108.61.201.119 | grep "pin-sha256" | head -1
</code>
<br>
OR
<code>
kdig -d @108.61.201.119 +tls-ca +tls-host=dot-jp.blahdns.com blahdns.com
</code>
<br>
OR
<br>
<code>
echo | openssl s_client -connect '108.61.201.119:853' 2>/dev/null | openssl x509 -pubkey -noout | openssl
pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
</code>
<br>
<b>TLS1.3 support check</b> <br>
<code>
openssl s_client -connect 108.61.201.119:853
</code>
<br>
<i>Will return message: </i>
<pre>
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
</pre>
For troubleshooting go <a href="https://getdnsapi.net/query/">HERE</a>
</p>
</div>
</div>
<button onclick="myAccFunc('Demo3')" class="w3-padding-16 w3-pale-red w3-button w3-block w3-left-align">What is
DNS</button>
<div id="Demo3" class="w3-hide">
<div class="w3-container">
<p class="w3-left-align">The Domain Name System (DNS) is the phonebook of the Internet. Humans access
information online through domain names, like nytimes.com or espn.com. Web browsers interact through
Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet
resources.</p>
<p class="w3-left-align"> Each device connected to the Internet has a unique IP address which other machines
use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as
192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2
(in IPv6).</p>
</div>
</div>
</div>
<div class="w3-container">
<h2 class="w3-center" style="text-shadow:1px 1px 0 #444">FAQ</h2>
<div class="w3-border">
<div class="w3-bar w3-theme">
<button class="w3-bar-item w3-button testbtn w3-padding-16" onclick="openCity(event,'TLS')">Common question</button>
<button class="w3-bar-item w3-button testbtn w3-padding-16" onclick="openCity(event,'News')">News</button>
<button class="w3-bar-item w3-button testbtn w3-padding-16" onclick="openCity(event,'troubleshooting')">Troubleshoot</button>
</div>
<div id="TLS" class="w3-container city w3-animate-opacity">
<ul>
<li>How to fix Chrome on Android phone leaking DNS, check <a href="https://github.com/ookangzheng/blahdns/blob/master/FAQ.md#prevent-dns-leaking-from-chrome-browser-on-android-phone">HERE</a></li>
<li>Supported TLS v1.3, 1.2</li>
<li>We drop ANY type.</li>
<li>Why you building this porject? I started this project around 2016. During that time, with my private
dns, I need an easy way to filter ads and tracker, so I rent a server and learn how to achive this.</li>
<li>Why you dont like huge traffic? I'm still a student. and I run this service with my pocket money and
spare time. Just as a hobby to learn somehting new. buying big server or Anti-DDOS service will cost lot.</li>
</ul>
</div>
<div id="News" class="w3-container city w3-animate-opacity">
<ul>
<li><a href="https://techbeasts.com/block-ads-samsung-galaxy-without-third-party-applications-no-root/" target="_blank">Block Ads on Samsung Galaxy without third-party applications [No root required]</a></li>
<li><a href="https://www.reddit.com/r/GalaxyS8/comments/agoxl0/here_is_how_to_block_ads_on_android_pie_without/" target="_blank">Here is how to block Ads on Android Pie without root on the S8. NO APPS NEEDED! New option in Pie.</a></li>
<li><a href="https://www.reddit.com/r/GalaxyS9/comments/a94im7/blocking_ads_without_additional_software_in/" target="_blank">Blocking ads without additional software in Android 9.0 Pie (finally :D)</a></li>
<li><a href="https://www.androidsage.com/2018/12/25/how-to-block-ads-using-private-dns-dns-over-tls-feature/" target="_blank">How to Block Ads using Private DNS (DNS over TLS) Feature on Android 9.0 Pie or later without root https://www.androidsage.com/2018/12/25/how-to-block-ads-using-private-dns-dns-over-tls-feature/</a></li>
</ul>
</div>
<!-- troubleshooting -->
<div id="troubleshooting" class="w3-container city w3-animate-opacity">
<p>
curl -H 'content-type: application/dns-message' -vL -v 'https://doh-jp.blahdns.com/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump -C
</p>
<p>
kdig google.com @2001:19f0:7001:1ded:5400:1ff:fe90:945b +tls -p 443
</p>
<p>
kdig google.com @108.61.201.119
</p>
<p>
https://gist.github.com/meanevo/e70ca58e361fb4d1a9d262a8f12b173a (HAProxy)
https://stuff-things.net/2016/11/30/haproxy-sni/
https://pre-prod.chown.me/blog/running-dot-on-openbsd.html
https://www.haproxy.com/blog/introduction-to-haproxy-acls/
</p>
</div>
</div>
</div>
</div>
<!-- End padding -->
<!-- Footer -->
<footer class="w3-container w3-theme-dark w3-padding-16 w3-margin-top">
<div class="myPadding">
<p>
<h3>Disclamier</h3>
<p> Use at your own risk. Under no circumstances will the operator be held responsible or liable in any way for
any claims, damages, losses, expenses, costs or liabilities whatsoever (including, without limitation, any
direct or indirect damages for loss of profits, business interruption or loss of information) resulting or
arising directly or indirectly from accessing or otherwise using this service (Blahdns server).<br> The
operator does not guarantee in any way the access, availability and continuity of the functioning of this
service. By using this website and service you consent to the disclaimer and agree to its terms and
conditions. <br>
By using <a href="https://www.cloudflare.com/">Cloudflare</a> this website stores a cookie, created and
evaluated by Cloudflare. <br> This cookie is strictly necessary for Cloudflare's security features and cannot
be turned off. <a href="https://support.cloudflare.com/hc/en-us/articles/200170156-What-does-the-Cloudflare-cfduid-cookie-do-">More
information.</a>
</p>
<p>Copyright 2016 - 2019 blahdns.com </p>
<p>
<i class="fa fa-github" aria-hidden="true"></i> <a href="https://github.com/ookangzheng/blahdns">Github</a>
|
<a href='https://ko-fi.com/P5P4GPQ8' target='_blank'>
<img height='36' style='border:0px;height:30px;' src='https://cdn.blahdns.com/kofi4.png'
border='0' alt='Buy Me a Coffee at ko-fi.com' /></a>
|
<script src="https://liberapay.com/ookangzheng/widgets/button.js"></script>
<noscript><a href="https://liberapay.com/ookangzheng/donate"><img alt="Donate using Liberapay" src="https://liberapay.com/assets/widgets/donate.svg"></a></noscript>
|
<!--<a class="bmc-button" target="_blank" href="https://www.buymeacoffee.com/elk6NqZhi">-->
<!-- <img src="https://www.buymeacoffee.com/assets/img/BMC-btn-logo.svg">-->
<!-- <span style="margin-left:5px">Buy me a coffee</span></a>-->
<a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=F2H8HS44QAV8N&source=url"><img style="height:40px" src="https://camo.githubusercontent.com/f896f7d176663a1559376bb56aac4bdbbbe85ed1/68747470733a2f2f7777772e70617970616c6f626a656374732e636f6d2f656e5f55532f692f62746e2f62746e5f646f6e61746543435f4c472e676966" alt="Donate with PayPal button" /></a>
|
🧘‍♂ <a href="https://qr.allpay.com.tw/ZoYHr">贊助</a>
</p>
<div style="position:relative;bottom:55px;" class="w3-tooltip w3-right">
<span class="w3-text w3-theme-light w3-padding">Go To Top</span> 
<a class="w3-text-white" href="#myHeader"><span class="w3-xlarge">
<i class="fa fa-chevron-circle-up"></i></span></a>
</div>
</div>
</footer>
<script src="https://cdn.blahdns.com/script.js"></script>
</body>
</html>

681
website/index.origin.html Executable file
View File

@@ -0,0 +1,681 @@
<!DOCTYPE html>
<html>
<title>Blahdns</title>
<meta charset="UTF-8">
<meta name="keywords" content="Ads block with DNS service for free">
<meta name="description" content="DNS, Adsblock, Content Farm, DNS server, hosts, malware, porn, drug, phishing">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="w3.css">
<link rel="stylesheet" href="black.css">
<!--<link rel="stylesheet" href="main.css">-->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<body>
<!-- Side Navigation -->
<!--<nav class="w3-sidebar w3-bar-block w3-card w3-animate-left w3-center" style="display:none" id="mySidebar">-->
<!-- <h1 class="w3-xxxlarge w3-text-theme">Side Navigation</h1>-->
<!-- <button class="w3-bar-item w3-button" onclick="w3_close()">Close <i class="fa fa-remove"></i></button>-->
<!-- <a href="#" class="w3-bar-item w3-button">Link 1</a>-->
<!-- <a href="#" class="w3-bar-item w3-button">Link 2</a>-->
<!-- <a href="#" class="w3-bar-item w3-button">Link 3</a>-->
<!-- <a href="#" class="w3-bar-item w3-button">Link 4</a>-->
<!--</nav>-->
<!-- Header -->
<header class="w3-container w3-sand w3-padding" style="height:100vh" id="myHeader">
<!--<i onclick="w3_open()" class="fa fa-bars w3-xlarge w3-button w3-theme"></i> -->
<div class=" w3-center">
<img src="logo.png" style="max-width: 70vw; margin-top: 15%; margin-bottom: 8%" />
</div>
<div class="w3-row w3-black w3-center w3-padding">
<h4 class="w3-text-white w3-center">Youre two minutes away from browsing a faster, more private internet.</h4>
</div>
<div class=" w3-row w3-pink w3-center w3-padding">
<h1 class="w3-opacity w3-animate-bottom w3-center">Browse the web without surprises</h1>
</div>
<!--<div class="w3-padding-32">-->
<!-- <button class="w3-btn w3-xlarge w3-dark-grey w3-hover-light-grey" onclick="document.getElementById('id01').style.display='block'" style="font-weight:900;">LEARN W3.CSS</button>-->
<!--</div>-->
</header>
<!-- Modal -->
<!--<div id="id01" class="w3-modal">-->
<!-- <div class="w3-modal-content w3-card-4 w3-animate-top">-->
<!-- <header class="w3-container w3-theme-l1"> -->
<!-- <span onclick="document.getElementById('id01').style.display='none'"-->
<!-- class="w3-button w3-display-topright">×</span>-->
<!-- <h4>Oh snap! We just showed you a modal..</h4>-->
<!-- <h5>Because we can <i class="fa fa-smile-o"></i></h5>-->
<!-- </header>-->
<!-- <div class="w3-padding">-->
<!-- <p>Cool huh? Ok, enough teasing around..</p>-->
<!-- <p>Go to our <a class="w3-btn" href="/w3css/default.asp">W3.CSS Tutorial</a> to learn more!</p>-->
<!-- </div>-->
<!-- <footer class="w3-container w3-theme-l1">-->
<!-- <p>Modal footer</p>-->
<!-- </footer>-->
<!-- </div>-->
<!--</div>-->
<div class="w3-row-padding w3-center w3-margin-top">
<div class="w3-third">
<div class="w3-card w3-container" style="min-height:460px">
<h3>Block ads and tracker</h3><br>
<div>
<img src="img-ad.png" style="width: 200px" alt="">
</div>
<p>How to block ads on router level? <br> The answer is DNS ad blocking. </p>
<p>It can be set up literally on any platform — PC, Mac, Android, iOS, etc. </p>
<p> You can even set it up on your router to block ads on all devices connected to your home Wi-Fi network.</p>
</div>
</div>
<div class="w3-third">
<div class="w3-card w3-container" style="min-height:460px">
<h3>Keep your anonymity</h3><br>
<div>
<img src="img-privacy.png" style="width: 180px" alt="">
</div>
<p>Blahdns allows you to use a specific encrypted protocol — DNS over HTTPS/2. </p>
<p>DNS requests are encrypted, which protects you from possible request interception and subsequent eavesdropping and/or alteration.</p>
<p>Every DNS request comes with DNSSEC</p>
</div>
</div>
<div class="w3-third">
<div class="w3-card w3-container" style="min-height:460px">
<h3>No logs and open</h3><br>
<div>
<img src="img-free.png" style="width: 200px" alt="">
</div>
<p>We will never log your IP address</p>
<p>We also support OpenNIC top-level domains</p>
<p>No logs</p>
<p>Always free to use</p>
</div>
</div>
</div>
<div class="w3-container">
<!--<div class="w3-center">-->
<!-- <h2>Color Classes</h2>-->
<!--</div>-->
<!--<div class="w3-row">-->
<!-- <div class="w3-col w3-container m2 w3-red"><p>Red</p></div>-->
<!-- <div class="w3-col w3-container m2 w3-blue"><p>Blue</p></div>-->
<!-- <div class="w3-col w3-container m2 w3-blue-grey"><p>Blue Grey</p></div>-->
<!-- <div class="w3-col w3-container m2 w3-teal"><p>Teal</p></div>-->
<!-- <div class="w3-col w3-container m2 w3-yellow"><p>Yellow</p></div>-->
<!-- <div class="w3-col w3-container m2 w3-orange"><p>Orange</p></div>-->
<!--</div>-->
<!--<hr>-->
<!--<div class="w3-center">-->
<!-- <h2>Built-In Responsiveness</h2>-->
<!-- <p class="w3-large">Resize the page to see the effect!</p>-->
<!--</div>-->
<!--<br>-->
<!--<div class="w3-row w3-border">-->
<!-- <div class="w3-half w3-container w3-blue w3-border">-->
<!-- <h5>w3-half</h5> -->
<!-- <p>The w3-half class uses half (50%) of the screen window.</p>-->
<!-- <p>On small screens (max 600 pixels) it automatically resizes to full screen width.</p>-->
<!-- </div>-->
<!-- <div class="w3-half w3-container">-->
<!-- <h5>w3-half</h5> -->
<!-- </div>-->
<!--</div>-->
<!--<br>-->
<!--<div class="w3-row w3-border">-->
<!-- <div class="w3-third w3-container w3-green">-->
<!-- <h5>w3-third</h5> -->
<!-- <p>The w3-third class uses one third (33.33%) of the screen widow.</p>-->
<!-- <p>On small screens (max 600 pixels) it automatically resizes to full screen width.</p>-->
<!-- </div>-->
<!-- <div class="w3-third w3-container">-->
<!-- <h5>w3-third</h5> -->
<!-- </div>-->
<!-- <div class="w3-third w3-container">-->
<!-- <h5>w3-third</h5> -->
<!-- </div>-->
<!--</div>-->
<!--<br>-->
<!--<div class="w3-row w3-border">-->
<!-- <div class="w3-quarter w3-container w3-red">-->
<!-- <h5>w3-quarter</h5> -->
<!-- <p>The w3-quarter class uses one quarter (25%) of the screen window.</p>-->
<!-- <p>On small screens (max 600 pixels) it automatically resizes to full screen width.</p>-->
<!-- </div>-->
<!-- <div class="w3-quarter w3-container">-->
<!-- <h5>w3-quarter</h5> -->
<!-- </div>-->
<!-- <div class="w3-quarter w3-container">-->
<!-- <h5>w3-quarter</h5> -->
<!-- </div>-->
<!-- <div class="w3-quarter w3-container">-->
<!-- <h5>w3-quarter</h5> -->
<!-- </div>-->
<!--</div> -->
<!--<div class="w3-center">-->
<!-- <h2>Containers</h2>-->
<!-- <p>Use containers to create headers, sections and footers.</p>-->
<!--</div> -->
<!--<header class="w3-container w3-blue-grey">-->
<!-- <h2>Header</h2>-->
<!--</header>-->
<!--<div class="w3-padding w3-white w3-display-container">-->
<!-- <span onclick="this.parentElement.style.display='none'" class="w3-button w3-display-topright"><i class="fa fa-remove"></i></span>-->
<!-- <h2>London</h2>-->
<!-- <p>London is the capital city of England. It is the most populous city in the United Kingdom,-->
<!-- with a metropolitan area of over 13 million inhabitants.</p>-->
<!-- <p>Standing on the River Thames, London has been a major settlement for two millennia,-->
<!-- its history going back to its founding by the Romans, who named it Londinium.</p>-->
<!-- <p>By the way, you can add a close icon to all containers if you want the ability to hide them. Look to your right!</p>-->
<!--</div>-->
<!--<footer class="w3-container w3-blue-grey">-->
<!-- <h5>Footer</h5>-->
<!-- <p class="w3-opacity">Footer information goes here</p>-->
<!--</footer>-->
<hr>
<div class="w3-center">
<h2 style="text-shadow:1px 1px 0 #444">Our servers</h2>
<!--<p>The color themes have been designed to work harmoniously with each other.</p>-->
</div>
</div>
<div class="w3-row-padding">
<div class="w3-half">
<div class="w3-card white">
<div class="w3-container w3-indigo">
<h3>Tokyo, Japan</h3>
</div>
<!--<div class="w3-container">-->
<!--<h3 class="w3-text-indigo">Movies 2014</h3>-->
<!--</div>-->
<ul class="w3-ul w3-border-top">
<li>
<h3>IPv4</h3>
<p>45.63.124.65</p>
</li>
<li>
<h3>IPv6</h3>
<p>2001:19f0:7002:1249:5400:1ff:fe70:15a6</p>
</li>
<li>
<h3>Dns over https/2</h3>
<p>https://doh.blahdns.com/dns-query</p>
</li>
</ul>
<!--<div class="w3-container w3-indigo w3-large"><span class="w3-right">Next</span></div>-->
</div>
</div>
<div class="w3-half">
<div class="w3-card white">
<div class="w3-container w3-theme">
<h3>Frankfut, Germany</h3>
</div>
<!--<div class="w3-container">-->
<!--<h3 class="w3-text-theme">Movies 2014</h3>-->
<!--</div>-->
<ul class="w3-ul w3-border-top">
<li>
<h3>IPv4</h3>
<p>217.61.0.97</p>
</li>
<li>
<h3>IPv6</h3>
<p>soon.</p>
</li>
<li>
<h3>Dns over TLS</h3>
<p>soon.</p>
</li>
</ul>
<!--<div class="w3-container w3-theme w3-large"><span class="w3-right">Next</span></div>-->
</div>
</div>
</div>
<!--<div class="w3-container w3-center">-->
<!-- <h3>News</h3>-->
<!--</div>-->
<!--<div class="w3-row-padding"> -->
<!--<div class="w3-third">-->
<!--<div class="w3-card">-->
<!-- <img src="/w3images/car.jpg" alt="Car" style="width:100%">-->
<!-- <div class="w3-container">-->
<!-- <p>w3-card</p>-->
<!-- </div>-->
<!--</div>-->
<!--</div>-->
<!--<div class="w3-third">-->
<!--<div class="w3-card-4">-->
<!-- <img src="/w3images/car.jpg" alt="Car" style="width:100%">-->
<!-- <div class="w3-container">-->
<!-- <p>w3-card-4</p>-->
<!-- </div>-->
<!--</div>-->
<!--</div>-->
<!--<div class="w3-third">-->
<!--<div class="w3-card-4">-->
<!-- <img src="/w3images/car.jpg" alt="Car" style="width:100%">-->
<!-- <div class="w3-container">-->
<!-- <p>w3-card-4</p>-->
<!-- </div>-->
<!--</div>-->
<!--</div>-->
<!--</div>-->
<!--<div class="w3-container">-->
<!-- <hr>-->
<!-- <div class="w3-center">-->
<!-- <h2>Tables</h2>-->
<!-- <p w3-class="w3-large">Don't worry. W3.CSS takes care of your tables.</p>-->
<!-- </div>-->
<!--<div class="w3-responsive w3-card-4">-->
<!--<table class="w3-table w3-striped w3-bordered">-->
<!--<thead>-->
<!--<tr class="w3-theme">-->
<!-- <th>First Name</th>-->
<!-- <th>Last Name</th>-->
<!-- <th>Points</th>-->
<!--</tr>-->
<!--</thead>-->
<!--<tbody>-->
<!--<tr>-->
<!-- <td>Jill</td>-->
<!-- <td>Smith</td>-->
<!-- <td>50</td>-->
<!--</tr>-->
<!--<tr class="w3-white">-->
<!-- <td>Eve</td>-->
<!-- <td>Jackson</td>-->
<!-- <td>94</td>-->
<!--</tr>-->
<!--<tr>-->
<!-- <td>Adam</td>-->
<!-- <td>Johnson</td>-->
<!-- <td>67</td>-->
<!--</tr>-->
<!--</tbody>-->
<!--</table>-->
<!--</div>-->
<!--<hr>-->
<!--<h2 class="w3-center">Forms and Lists</h2>-->
<!--</div>-->
<!--<div class="w3-row-padding">-->
<!--<div class="w3-half">-->
<!--<form class="w3-container w3-card-4">-->
<!-- <h2>Input Form</h2>-->
<!-- <div class="w3-section"> -->
<!-- <input class="w3-input" type="text" required>-->
<!-- <label>Name</label>-->
<!-- </div>-->
<!-- <div class="w3-section"> -->
<!-- <input class="w3-input" type="text" required>-->
<!-- <label>Email</label>-->
<!-- </div>-->
<!-- <div class="w3-section"> -->
<!-- <input class="w3-input" type="text" required>-->
<!-- <label>Subject</label>-->
<!-- </div>-->
<!-- <div class="w3-row">-->
<!-- <div class="w3-half">-->
<!-- <input id="milk" class="w3-check" type="checkbox" checked="checked">-->
<!-- <label>Milk</label>-->
<!-- <br>-->
<!-- <input id="sugar" class="w3-check" type="checkbox">-->
<!-- <label>Sugar</label>-->
<!-- <br>-->
<!-- <input id="lemon" class="w3-check" type="checkbox" disabled>-->
<!-- <label>Lemon (Disabled)</label>-->
<!-- <br><br>-->
<!-- </div>-->
<!-- <div class="w3-half">-->
<!-- <input id="male" class="w3-radio" type="radio" name="gender" value="male" checked>-->
<!-- <label>Male</label>-->
<!-- <br>-->
<!-- <input id="female" class="w3-radio" type="radio" name="gender" value="female">-->
<!-- <label>Female</label>-->
<!-- <br>-->
<!-- <input id="unknown" class="w3-radio" type="radio" name="gender" value="" disabled>-->
<!-- <label> Don't know (Disabled)</label>-->
<!-- </div>-->
<!-- </div>-->
<!--</form>-->
<!--</div>-->
<!--<div class="w3-half">-->
<!--<div class="w3-card-4 w3-container">-->
<!--<h2>Lists</h2>-->
<!--<ul class="w3-ul w3-margin-bottom">-->
<!-- <li>Jill</li>-->
<!-- <li>Eve</li>-->
<!-- <li>Adam</li>-->
<!--</ul>-->
<!--<br>-->
<!--<ul class="w3-ul w3-border w3-hoverable">-->
<!-- <li class="w3-theme">Jill</li>-->
<!-- <li>Eve</li>-->
<!-- <li>Adam</li>-->
<!-- <li>Steve</li>-->
<!--</ul>-->
<!--<br>-->
<!--</div>-->
<!--</div>-->
<!--</div>-->
<!--<hr>-->
<!--<h2 class="w3-center">Progress Bars</h2>-->
<!--<div class="w3-container">-->
<!--<div class="w3-light-gray">-->
<!-- <div id="myBar" class="w3-center w3-padding w3-theme" style="width:5%">5%</div>-->
<!--</div><br>-->
<!--<button class="w3-btn w3-theme" onclick="move()">Click Me</button> -->
<!--</div>-->
<!--<hr>-->
<!--<h2 class="w3-center">Slideshows</h2>-->
<!--<div class="w3-content" style="max-width:800px;position:relative">-->
<!--<img class="mySlides w3-animate-opacity" src="/w3images/snow.jpg" style="width:100%">-->
<!--<img class="mySlides w3-animate-opacity" src="/w3images/lights.jpg" style="width:100%">-->
<!--<img class="mySlides w3-animate-opacity" src="/w3images/mountains.jpg" style="width:100%">-->
<!--<img class="mySlides w3-animate-opacity" src="/w3images/forest.jpg" style="width:100%">-->
<!--<a class="w3-button w3-hover-dark-grey" style="position:absolute;top:45%;left:0;" onclick="plusDivs(-1)"></a>-->
<!--<a class="w3-button w3-hover-dark-grey" style="position:absolute;top:45%;right:0;" onclick="plusDivs(+1)"></a>-->
<!--</div>-->
<!--<div class="w3-container">-->
<!--<hr>-->
<!--<h2 class="w3-center">Navigation</h2>-->
<!--<div class="w3-bar w3-theme">-->
<!-- <a href="#" class="w3-bar-item w3-button w3-padding-16">Home</a>-->
<!-- <a href="#" class="w3-bar-item w3-button w3-padding-16">Link 1</a>-->
<!-- <div class="w3-dropdown-hover">-->
<!-- <button class="w3-button w3-padding-16">-->
<!-- Dropdown <i class="fa fa-caret-down"></i>-->
<!-- </button>-->
<!-- <div class="w3-dropdown-content w3-card-4 w3-bar-block">-->
<!-- <a href="javascript:void(0)" class="w3-bar-item w3-button">Link 1</a>-->
<!-- <a href="javascript:void(0)" class="w3-bar-item w3-button">Link 2</a>-->
<!-- <a href="javascript:void(0)" class="w3-bar-item w3-button">Link 3</a>-->
<!-- </div>-->
<!-- </div>-->
<!--</div>-->
<!--<hr>-->
<div class="w3-container w3-center">
<h2 class="w3-center" style="text-shadow:1px 1px 0 #444">News</h2>
<button onclick="myAccFunc('Demo1')" class="w3-padding-16 w3-button w3-block w3-left-align w3-red">What is Dns over https (DoH)</button>
<div id="Demo1" class="w3-hide">
<div class="w3-container w3-white">
<p class="w3-left-align"> DNS over HTTPS (DoH)<br>
DNS over HTTPS is a new protocol designed to encrypt and secure DNS traffic over HTTPS (or HTTP/2).
<br>
It prevents DNS hijacking and ISPs from sniffing your traffic. We built an anycast network for our DoH service to give you a good performance, like you would get with our DNSCrypt or standard DNS services.
</p>
<p class="w3-left-align"><i class="fa fa-bookmark-o" aria-hidden="true"></i> alternative: https://doh.datt.pw/dns-query </p>
</div>
</div>
<button onclick="myAccFunc('Demo2')" class="w3-padding-16 w3-yellow w3-button w3-block w3-left-align">What is DnsCrypt</button>
<div id="Demo2" class="w3-hide">
<p class="w3-left-align">
Encrypted DNS - DNS over TLS support
DNS over TLS support is available on all our services through port 853. <br>
DNS over TLS encrypts and authenticates all your DNS traffic to protect your privacy and prevent DNS hijacking and sniffing.
</p>
</div>
<button onclick="myAccFunc('Demo3')" class="w3-padding-16 w3-pale-red w3-button w3-block w3-left-align">What is DNS</button>
<div id="Demo3" class="w3-hide">
<div class="w3-container">
<p class="w3-left-align">Accordion with Images:</p>
<img src="https://2r4s9p1yi1fa2jd7j43zph8r-wpengine.netdna-ssl.com/files/2018/05/02_06.png" style="width:50%;" class="w3-animate-zoom">
<p class="w3-left-align">The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.</p>
<p class="w3-left-align"> Each device connected to the Internet has a unique IP address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).</p>
</div>
</div>
</div>
<div class="w3-container">
<h2 class="w3-center" style="text-shadow:1px 1px 0 #444">How to setup</h2>
<div class="w3-border">
<div class="w3-bar w3-theme">
<button class="w3-bar-item w3-button testbtn w3-padding-16" onclick="openCity(event,'Mac')">Mac</button>
<button class="w3-bar-item w3-button testbtn w3-padding-16" onclick="openCity(event,'Windows')">Windows</button>
<button class="w3-bar-item w3-button testbtn w3-padding-16" onclick="openCity(event,'Router')">Router</button>
</div>
<div id="Mac" class="w3-container city w3-animate-opacity">
<ul >
<li>1. Open System Preferences</li>
<li>2. Search for DNS Servers and select it from the dropdown.</li>
<li>3. Click the + button to add a DNS Server and enter IPv4/6</li>
<li>4. Click Ok, then click Apply.</li>
<li>5. Youre all set! Your device now has faster, more private DNS servers ✌️✌️</li>
</ul>
</div>
<div id="Windows" class="w3-container city w3-animate-opacity">
<ul >
<li>1. Click on the Start menu, then click on Control Panel.</li>
<li>2. Click on Network and Internet.</li>
<li>3. Click on Change Adapter Settings.</li>
<li>4. Right click on the Wi-Fi network you are connected to, then click <strong>Properties </strong>.</li>
<li>5. Select Internet Protocol Version 4 (or Version 6 if desired).</li>
<li>6. Click Properties.</li>
<li>7. Click Use The Following DNS Server Addresses.</li>
<li>8. Replace those addresses with the Blahdns addresses</li>
<li>9. Youre all set! Your device now has faster, more private DNS servers ✌️✌️</li>
</ul>
</div>
<div id="Router" class="w3-container city w3-animate-opacity">
<ul >
<li>1. Enter your routers gateway IP address in your browser, exp. 192.168.1.1</li>
<li>2. In your routers configuration page, locate the DNS server settings. (DHCP/WAN)</li>
<li>3. Replace those addresses with the Blahdns addresses</li>
<li>4. Save your settings, then restart your router.</li>
<li>5. Youre all set! Your device now has faster, more private DNS servers ✌️✌️</li>
</ul>
</div>
</div>
</div>
<!--<hr>-->
<!--<h2 class="w3-center">Buttons</h2>-->
<!--<div class="w3-center">-->
<!-- <br>-->
<!-- <a class="w3-button w3-theme">Button</a>-->
<!-- <a class="w3-button w3-theme">Button</a>-->
<!-- <a class="w3-button w3-theme-d3 w3-disabled">Button</a>-->
<!-- <br><br>-->
<!-- <a class="w3-button w3-circle w3-large w3-black"><i class="fa fa-plus"></i></a>-->
<!-- <a class="w3-button w3-circle w3-large w3-theme"><i class="fa fa-plus"></i></a> -->
<!-- <a class="w3-button w3-circle w3-large w3-card-4"><i class="fa fa-plus"></i></a>-->
<!--</div>-->
<!--<br>-->
<!--<div class="w3-center">-->
<!-- <div class="w3-dropdown-hover">-->
<!-- <button class="w3-button w3-theme">Dropdown <i class="fa fa-caret-down"></i></button>-->
<!-- <div class="w3-dropdown-content w3-bar-block w3-border">-->
<!-- <a href="#" class="w3-bar-item w3-button">Link 1</a>-->
<!-- <a href="#" class="w3-bar-item w3-button">Link 2</a>-->
<!-- <a href="#" class="w3-bar-item w3-button">Link 3</a>-->
<!-- </div>-->
<!-- </div>-->
<!--</div>-->
<!--</div>-->
<!--<hr>-->
<!--<div class="w3-center">-->
<!-- <h2>Pagination</h2>-->
<!-- Pagination -->
<!-- <div class="w3-center w3-padding-32">-->
<!-- <div class="w3-bar">-->
<!-- <a href="#" class="w3-bar-item w3-button w3-hover-theme">«</a>-->
<!-- <a href="#" class="w3-bar-item w3-button w3-theme w3-hover-theme">1</a>-->
<!-- <a href="#" class="w3-bar-item w3-button w3-hover-theme">2</a>-->
<!-- <a href="#" class="w3-bar-item w3-button w3-hover-theme">3</a>-->
<!-- <a href="#" class="w3-bar-item w3-button w3-hover-theme">4</a>-->
<!-- <a href="#" class="w3-bar-item w3-button w3-hover-theme">5</a>-->
<!-- <a href="#" class="w3-bar-item w3-button w3-hover-theme">»</a>-->
<!-- </div>-->
<!-- </div>-->
<!--</div>-->
<!--<br>-->
<!-- Footer -->
<footer class="w3-container w3-theme-dark w3-padding-16 w3-margin-top">
<h3 style="text-shadow:1px 1px 0 #444">Blahdns</h3>
<p>Copyright 2016 - 2018 blahdns.com </p>
<i class="fa fa-github" aria-hidden="true"></i> <a href="https://github.com/ookangzheng/blahdns">Github</a>
|
<i class="fa fa-coffee" aria-hidden="true"></i> <a href="https://buymeacoff.ee/elk6NqZhi">Buy me a coffee</a>
|
🧘‍♂ <a href="https://qr.allpay.com.tw/ZoYHr"> 咖啡一杯</a>
|
<i class="fa fa-envelope-o" aria-hidden="true"></i> <a href="mailto:hi@blahdns.com">Contact Me</a>
<div style="position:relative;bottom:55px;" class="w3-tooltip w3-right">
<span class="w3-text w3-theme-light w3-padding">Go To Top</span> 
<a class="w3-text-white" href="#myHeader"><span class="w3-xlarge">
<i class="fa fa-chevron-circle-up"></i></span></a>
</div>
<!--<p>Remember to check out our  <a href="w3css_references.asp" class="w3-btn w3-theme-light" target="_blank">W3.CSS Reference</a></p>-->
</footer>
<!-- Script for Sidebar, Tabs, Accordions, Progress bars and slideshows -->
<script>
(function(i, s, o, g, r, a, m) {
i['GoogleAnalyticsObject'] = r;
i[r] = i[r] || function() {
(i[r].q = i[r].q || []).push(arguments)
}, i[r].l = 1 * new Date();
a = s.createElement(o),
m = s.getElementsByTagName(o)[0];
a.async = 1;
a.src = g;
m.parentNode.insertBefore(a, m)
})(window, document, 'script', 'https://www.google-analytics.com/analytics.js', 'ga');
ga('create', 'UA-10405417-12', 'auto');
ga('send', 'pageview');
// Side navigation
function w3_open() {
var x = document.getElementById("mySidebar");
x.style.width = "100%";
x.style.fontSize = "40px";
x.style.paddingTop = "10%";
x.style.display = "block";
}
function w3_close() {
document.getElementById("mySidebar").style.display = "none";
}
// Tabs
function openCity(evt, cityName) {
var i;
var x = document.getElementsByClassName("city");
for (i = 0; i < x.length; i++) {
x[i].style.display = "none";
}
var activebtn = document.getElementsByClassName("testbtn");
for (i = 0; i < x.length; i++) {
activebtn[i].className = activebtn[i].className.replace(" w3-dark-grey", "");
}
document.getElementById(cityName).style.display = "block";
evt.currentTarget.className += " w3-dark-grey";
}
var mybtn = document.getElementsByClassName("testbtn")[0];
mybtn.click();
// Accordions
function myAccFunc(id) {
var x = document.getElementById(id);
if (x.className.indexOf("w3-show") == -1) {
x.className += " w3-show";
} else {
x.className = x.className.replace(" w3-show", "");
}
}
// Slideshows
var slideIndex = 1;
function plusDivs(n) {
slideIndex = slideIndex + n;
showDivs(slideIndex);
}
function showDivs(n) {
var x = document.getElementsByClassName("mySlides");
if (n > x.length) {slideIndex = 1}
if (n < 1) {slideIndex = x.length} ;
for (i = 0; i < x.length; i++) {
x[i].style.display = "none";
}
x[slideIndex-1].style.display = "block";
}
showDivs(1);
// Progress Bars
function move() {
var elem = document.getElementById("myBar");
var width = 5;
var id = setInterval(frame, 10);
function frame() {
if (width == 100) {
clearInterval(id);
} else {
width++;
elem.style.width = width + '%';
elem.innerHTML = width * 1 + '%';
}
}
}
</script>
</body>
</html>

BIN
website/logo.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

143
website/script.js Executable file
View File

@@ -0,0 +1,143 @@
// Edited Jun 27, 2019
// Maintainer: @ookangzheng
// https://developer.mozilla.org/en-US/docs/Web/API/AbortController
(function() {
const url = "https://test.blahdns.com";
let controller = new AbortController();
let signal = controller.signal;
let timeout = 1500;
let time = setTimeout(() => {
//console.log("TEST request timeout");
controller.abort();
}, timeout);
fetch(url, {
time,
credentials: "same-origin",
method: "HEAD",
mode: "no-cors",
cache: "no-cache"
})
.then(function(response) {
clearTimeout(time);
if (response.status == 0 || response.status == 403) {
text.innerHTML = "You're <strong> using </strong> Blahdns";
} else {
text.innerHTML = "You're <strong> not </strong> using Blahdns";
}
})
.catch(error => console.log(error));
})();
function handleErrors(response) {
console.log("Resopone here");
if (!response.ok) {
throw Error(response.statusText);
}
return response;
}
const text = document.querySelector("#status");
//const domainRegex = /^([a-zA-Z0-9]+(([\-]?[a-zA-Z0-9]+)*\.)+)*[a-zA-Z]{2,}$/;
const domainRegex = /^(?:(?:(?:[a-zA-z\-]+)\:\/{1,3})?(?:[a-zA-Z0-9])(?:[a-zA-Z0-9-\.]){1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+|\[(?:(?:(?:[a-fA-F0-9]){1,4})(?::(?:[a-fA-F0-9]){1,4}){7}|::1|::)\]|(?:(?:[0-9]{1,3})(?:\.[0-9]{1,3}){3}))(?:\:[0-9]{1,5})?$/;
// const domainRegex = /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/
const domainInput = document.querySelector("#domainName");
const btnCheck = document.querySelector("#btnCheck");
const returnStat = document.querySelector("#returnStatus");
btnCheck.addEventListener("click", queryStatus);
function queryStatus() {
const url = `https://blahdns.com/api/${domainInput.value}`;
if (!domainRegex.test(domainInput.value)) {
return returnStat.innerHTML = `Please input valid URL and no space`
}
if (domainRegex.test(domainInput.value)) {
returnStat.innerHTML = `loading....`;
let controller = new AbortController();
let signal = controller.signal;
let timeout = 2000;
let time = setTimeout(() => {
console.log("Client request timeout");
returnStat.innerHTML = `Request timeout`;
controller.abort();
}, timeout);
fetch(url, { time })
.then(response => {
return response.json()
})
.then(data => {
// Work with JSON data here
console.log(data)
let result = JSON.stringify(data.status);
if (result === '"ok"') {
clearTimeout(time);
returnStat.innerHTML = `Domain: ${
domainInput.value
} is <strong>not</strong> block`;
}
if (result === '"failed"') {
clearTimeout(time);
returnStat.innerHTML = `Domain: ${
domainInput.value
} lookup <strong>failed or blocked</strong>`;
}
})
.catch(error => console.log(error));
}
//return (returnStat.innerHTML = `Please input valid URL and no space`);
}
(function(a,b,c){var d=a.history,e=document,f=navigator||{},g=localStorage,
h=encodeURIComponent,i=d.pushState,k=function(){return Math.random().toString(36)},
l=function(){return g.cid||(g.cid=k()),g.cid},m=function(r){var s=[];for(var t in r)
r.hasOwnProperty(t)&&void 0!==r[t]&&s.push(h(t)+"="+h(r[t]));return s.join("&")},
n=function(r,s,t,u,v,w,x){var z="https://www.google-analytics.com/collect",
A=m({v:"1",ds:"web",aip:c.anonymizeIp?1:void 0,tid:b,cid:l(),t:r||"pageview",
sd:c.colorDepth&&screen.colorDepth?screen.colorDepth+"-bits":void 0,dr:e.referrer||
void 0,dt:e.title,dl:e.location.origin+e.location.pathname+e.location.search,ul:c.language?
(f.language||"").toLowerCase():void 0,de:c.characterSet?e.characterSet:void 0,
sr:c.screenSize?(a.screen||{}).width+"x"+(a.screen||{}).height:void 0,vp:c.screenSize&&
a.visualViewport?(a.visualViewport||{}).width+"x"+(a.visualViewport||{}).height:void 0,
ec:s||void 0,ea:t||void 0,el:u||void 0,ev:v||void 0,exd:w||void 0,exf:"undefined"!=typeof x&&
!1==!!x?0:void 0});if(f.sendBeacon)f.sendBeacon(z,A);else{var y=new XMLHttpRequest;
y.open("POST",z,!0),y.send(A)}};d.pushState=function(r){return"function"==typeof d.onpushstate&&
d.onpushstate({state:r}),setTimeout(n,c.delay||10),i.apply(d,arguments)},n(),
a.ma={trackEvent:function o(r,s,t,u){return n("event",r,s,t,u)},
trackException:function q(r,s){return n("exception",null,null,null,null,r,s)}}})
(window,"UA-10405417-12",{anonymizeIp:true,colorDepth:true,characterSet:true,screenSize:true,language:true});
function w3_close() {
document.getElementById("mySidebar").style.display = "none";
}
// Tabs
function openCity(evt, cityName) {
var i;
var x = document.getElementsByClassName("city");
for (i = 0; i < x.length; i++) {
x[i].style.display = "none";
}
var activebtn = document.getElementsByClassName("testbtn");
for (i = 0; i < x.length; i++) {
activebtn[i].className = activebtn[i].className.replace(
" w3-dark-grey",
""
);
}
document.getElementById(cityName).style.display = "block";
evt.currentTarget.className += " w3-dark-grey";
}
var mybtn = document.getElementsByClassName("testbtn")[0];
mybtn.click();
// Accordions
function myAccFunc(id) {
var x = document.getElementById(id);
if (x.className.indexOf("w3-show") == -1) {
x.className += " w3-show";
} else {
x.className = x.className.replace(" w3-show", "");
}
}

1
website/w3.css Executable file
View File

File diff suppressed because one or more lines are too long