GithubHelp home page GithubHelp logo

Comments (13)

spirillen avatar spirillen commented on July 25, 2024 1

It appears the both domains from the rules are solely used for adware

could you test this by adding the following rules to your filters??

||v4dwkcv.com^
||ieeod0.com^

image

image

from ublock.

spirillen avatar spirillen commented on July 25, 2024 1

😃

That's easy :) just remove any dns records from the zone or simply remove the zone from the dns servers

Try drill -T v4dwkcv.com

drill -T v4dwkcv.com
.       518400  IN      NS      l.root-servers.net.
.       518400  IN      NS      j.root-servers.net.
.       518400  IN      NS      d.root-servers.net.
.       518400  IN      NS      h.root-servers.net.
.       518400  IN      NS      b.root-servers.net.
.       518400  IN      NS      f.root-servers.net.
.       518400  IN      NS      g.root-servers.net.
.       518400  IN      NS      e.root-servers.net.
.       518400  IN      NS      m.root-servers.net.
.       518400  IN      NS      c.root-servers.net.
.       518400  IN      NS      i.root-servers.net.
.       518400  IN      NS      a.root-servers.net.
.       518400  IN      NS      k.root-servers.net.
com.    172800  IN      NS      a.gtld-servers.net.
com.    172800  IN      NS      b.gtld-servers.net.
com.    172800  IN      NS      c.gtld-servers.net.
com.    172800  IN      NS      d.gtld-servers.net.
com.    172800  IN      NS      e.gtld-servers.net.
com.    172800  IN      NS      f.gtld-servers.net.
com.    172800  IN      NS      g.gtld-servers.net.
com.    172800  IN      NS      h.gtld-servers.net.
com.    172800  IN      NS      i.gtld-servers.net.
com.    172800  IN      NS      j.gtld-servers.net.
com.    172800  IN      NS      k.gtld-servers.net.
com.    172800  IN      NS      l.gtld-servers.net.
com.    172800  IN      NS      m.gtld-servers.net.
v4dwkcv.com.    172800  IN      NS      ns3.dnsv4.com.
v4dwkcv.com.    172800  IN      NS      ns4.dnsv4.com.
v4dwkcv.com.    180     IN      SOA     ns3.dnsv4.com. enterprise2dnsadmin.dnspod.com. 1547519214 3600 180 1209600 180

Then you can see the complete lookup flow from the root servers and down, here you'll see that ns3.dnsv4.com & ns4.dnsv4.com are set authorotative DNS servers so let's ask them for any A/AAAA records

drill -t a v4dwkcv.com @ns3.dnsv4.com.
;; v4dwkcv.com. IN      A

;; AUTHORITY SECTION:
v4dwkcv.com.    180     IN      SOA     ns3.dnsv4.com. enterprise2dnsadmin.dnspod.com. 1547519214 3600 180 1209600 180

drill -t a v4dwkcv.com @ns4.dnsv4.com.
;; v4dwkcv.com. IN      A

;; AUTHORITY SECTION:
v4dwkcv.com.    180     IN      SOA     ns3.dnsv4.com. enterprise2dnsadmin.dnspod.com. 1547519214 3600 180 1209600 180

drill -t aaaa v4dwkcv.com @ns4.dnsv4.com.
;; v4dwkcv.com. IN      AAAA

;; AUTHORITY SECTION:
v4dwkcv.com.    600     IN      SOA     ns3.dnsv4.com. enterprise2dnsadmin.dnspod.com. 1547519214 3600 180 1209600 180

drill -t aaaa v4dwkcv.com @ns3.dnsv4.com.
;; QUESTION SECTION:
;; v4dwkcv.com. IN      AAAA

;; AUTHORITY SECTION:
v4dwkcv.com.    600     IN      SOA     ns3.dnsv4.com. enterprise2dnsadmin.dnspod.com. 1547519214 3600 180 1209600 180

As you can see there are no A/AAAA records in the in the zone file, and your dig is default asking for the A record unless you tells it something else with the -t arg

from ublock.

4yx avatar 4yx commented on July 25, 2024

Firstly, use uBlock Origin (you can find it on https://github.com/gorhill/uBlock), for more info you can see #1838. Then, go to the settings (the "Open the dashboard" button), and to the "My filters" tab. Once you're there, paste the following, and apply changes:

! 2021-05-02 https://ajnnan.com
||c.v4dwkcv.com//s/img/dot.gif$image
||g.ieeod0.com/b/1/*/*/*/*.html?uid=*&hlogo=*&&$subdocument

These filters worked for me, if they no longer work for you you can try experimenting with the pick element button like I did.

from ublock.

alcwj828 avatar alcwj828 commented on July 25, 2024

It appears the both domains from the rules are solely used for adware

could you test this by adding the following rules to your filters??

||v4dwkcv.com^
||ieeod0.com^

image

image

these 2 lines completely remove those frames awesome help thanks a million !!!

from ublock.

spirillen avatar spirillen commented on July 25, 2024

I'll thanks you as well, as I now can add them to mypdns.org 😏 as adware servers

from ublock.

iam-py-test avatar iam-py-test commented on July 25, 2024

@spirillen it appears that v4dwkcv.com and ieeod0.com are offline.

from ublock.

spirillen avatar spirillen commented on July 25, 2024

Keeping them, as they are alive, at least in the WHOIS DB, which means they possibly can/will be back online in a split second.

pyfunceble -a -d v4dwkcv.com ieeod0.com

image

But thanks for your heads up @iam-py-test 👍

from ublock.

iam-py-test avatar iam-py-test commented on July 25, 2024

Keeping them, as they are alive, at least in the WHOIS DB, which means they possibly can/will be back online in a split second.

pyfunceble -a -d v4dwkcv.com ieeod0.com

image

But thanks for your heads up @iam-py-test 👍

Ok! https://who.is/whois/v4dwkcv.com confirms that their WHOIS is still online.
How can they have WHOIS records but not resolve?
image

from ublock.

iam-py-test avatar iam-py-test commented on July 25, 2024

Ok, Thank you for replying.
I tried drill -T v4dwkcv.com and got an error

image

from ublock.

spirillen avatar spirillen commented on July 25, 2024

PS: You don't need to visit ripe/Arin to get the whois information, You can do it from your terminal

whois v4dwkcv.com
   Domain Name: V4DWKCV.COM
   Registry Domain ID: 2081195414_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.ename.com
   Registrar URL: http://www.ename.net
   Updated Date: 2020-11-11T22:21:34Z
   Creation Date: 2016-12-12T02:34:30Z
   Registry Expiry Date: 2021-12-12T02:34:30Z
   Registrar: eName Technology Co., Ltd.
   Registrar IANA ID: 1331
   Registrar Abuse Contact Email: [email protected]
   Registrar Abuse Contact Phone: 86.4000044400
   Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: NS3.DNSV4.COM
   Name Server: NS4.DNSV4.COM

You might however need to install jwhois first

from ublock.

iam-py-test avatar iam-py-test commented on July 25, 2024

Ok! Thanks

from ublock.

spirillen avatar spirillen commented on July 25, 2024

You need ldnsutils

from ublock.

iam-py-test avatar iam-py-test commented on July 25, 2024

ldnsutils

Ok! Thank you for you help

from ublock.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.