FilterLists/Whitelist.txt at main · InviseLabs/FilterLists · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
##
# ABOUT
# The goal of this whitelist is a simple and maintainable list of domains that must be unblocked for the functionality of common APIs, apps and services but WITHOUT allowing telemetry or data collection about the user.
# This is mainly used by us but we are sharing it with anyone that wants to use it. I found other whitelists unsuitable - primarily ude to strange things unblocked, no comments, etc.
##


# Required for: ESPN Watch
fpdownload.adobe.com
entitlement.auth.adobe.com
livepassdl.conviva.com
www.espn.com
a1.espncdn.com
a2.espncdn.com
a.espncdn.com
streams.adobeprimetime.com
sp.auth.adobe.com
media.video-cdn.espn.com
cdn1.espn.net


# Require for: Facebook Messenger, including Business Page Messenger
scontent-atl3-1.xx.fbcdn.net
static.xx.fbcdn.net
edge-chat.messenger.com
video.xx.fbcdn.net
messenger.com


# Required for: Instagram
c10r.instagram.com
instagram.c10r.instagram.com
i.instagram.com
instagram.com


# Required for: Twitch
countess.twitch.tv
pubsub-edge.twitch.tv
cdn-gl.imrworldwide.com


# Required for: Plex
tvdb2.plex.tv
dashboard.plex.tv
staging.plex.tv
status.plex.tv
proxy.plex.bz
proxy.plex.tv
proxy02.pop.ord.plex.bz
o1.email.plex.tv
o2.sg0.plex.tv
pubsub.plex.bz
pubsub.plex.tv
tvthemes.plexapp.com
cpms.spop10.ams.plex.bz
cpms35.spop10.ams.plex.bz


##
# General Whitelist for Common Apps and Services
##
akamaihd.net
akamaitechnologies.com
akamaized.net
amazonaws.com
api.ipify.org
api.rlje.net
app-api.ted.com
appleid.apple.com
apt.sonarr.tv
aspnetcdn.com
ax.phobos.apple.com.edgesuite.net
brightcove.net
cdn.cloudflare.net
cdn.embedly.com
cdn.optimizely.com
cdn.vidible.tv
cdn2.optimizely.com
cdn3.optimizely.com
cdnjs.cloudflare.com
clientconfig.passport.net
cws.conviva.com
d2c8v52ll5s99u.cloudfront.net
d2gatte9o95jao.cloudfront.net
dataplicity.com
delivery.vidible.tv
dev.virtualearth.net
display.ugc.bazaarvoice.com
dl.dropbox.com
dl.dropboxusercontent.com
download.sonarr.tv
drift.com
driftt.com
dynupdate.no-ip.com
ecn.dev.virtualearth.net
edge.api.brightcove.com
forums.sonarr.tv
geo3.ggpht.com
gfwsl.geforce.com
giphy.com
gravatar.com
hls.ted.com
i.ytimg.com
i1.ytimg.com
img.vidible.tv
imgix.net
imgs.xkcd.com
intercom.io
jquery.com
jsdelivr.net
keystone.mwbsys.com
lastfm-img2.akamaized.net
livepassdl.conviva.com
meta-db-worker02.pop.ric.plex.bz
meta.plex.bz
meta.plex.tv
my.plexapp.com
nine.plugins.plexapp.com
no-ip.com
node.plexapp.com
ns1.dropbox.com
ns2.dropbox.com
ocsp.apple.com
om.cbsi.com
pings.conviva.com
placehold.it
placeholdit.imgix.net
players.brightcove.net
res.cloudinary.com
s.marketwatch.com
s.youtube.com
s.ytimg.com
s1.wp.com
s2.youtube.com
s3.amazonaws.com
sa.symcb.com
secure.avangate.com
secure.brightcove.com
secure.surveymonkey.com
services.sonarr.tv
skyhook.sonarr.tv
spclient.wg.spotify.com
ssl.p.jwpcdn.com
t0.ssl.ak.dynamic.tiles.virtualearth.net
t0.ssl.ak.tiles.virtualearth.net
tawk.to
tedcdn.com
themoviedb.com
thetvdb.com
traffic.libsyn.com
twimg.com
videos.vidible.tv
vidtech.cbsinteractive.com
widget-cdn.rpxnow.com
wp.com
ws.audioscrobbler.com
www.dataplicity.com
yt3.ggpht.com
zee.cws.conviva.com
# Not needed because they shouldn't be blocked anyways
#raw.githubusercontent.com
#tinyurl.com
#t.co
#github.com
#github.io


##
# REQUIRED FOR: GOOGLE APIs AND SERVICES CONNECTIVITY
##
# General Google API Connectivity
waa-pa.googleapis.com
speechs3proto2-pa.googleapis.com
clientservices.googleapis.com
safebrowsing.googleapis.com
searchlabspartnerservice-pa.googleapis.com
federatedcompute-pa.googleapis.com
ondevicesafety-pa.googleapis.com
youtubei.googleapis.com
mobileconfiguration-pa.googleapis.com
proactivebackend-pa.googleapis.com
googlehomefoyer-pa.googleapis.com
xgapromomanager-pa.googleapis.com
www.googleapis.com
connectivitycheck.android.com
connectivitycheck.gstatic.com
cse.google.com
gstatic.com
0.client-channel.google.com
clients1.google.com
clients2.google.com
clients3.google.com
clients4.google.com
clients5.google.com
clients6.google.com
oauthaccountmanager.googleapis.com
discover-pa.googleapis.com

# Android API
2.android.pool.ntp.org
instantmessaging-pa.googleapis.com
android.clients.google.com
appsbackup-pa.clients6.google.com
appsbackup-pa.googleapis.com
googleapis.com
appspot-preview.l.google.com

# Google Assistant API
geller-pa.googleapis.com

# Google Play Store API
android.clients.google.com
firebaseinstallations.googleapis.com

# Google Keep API
firestore.googleapis.com
reminders-pa.googleapis.com

# Google Fonts API
gstaticadssl.l.google.com

# Gmail API
googleapis.l.google.com

# Chrome API
dl.google.com

# Google TV and Android Tv API
redirector.gvt1.com
redirector.gvt2.com
androidtvlauncherxfe-pa.googleapis.com

# YouTube API
youtubei.googleapis.com
youtube-pa-googleapis.com
s.youtube.com
youtube-nocookie.com
video-stats.l.google.com
www.youtube-nocookie.com
youtu.be
manifest.googlevideo.com

# Google Maps and Google Earth API
dev.virtualearth.net
ecn.dev.virtualearth.net
t0.ssl.ak.dynamic.tiles.virtualearth.net
t0.ssl.ak.tiles.virtualearth.net
maps.google.com
earth.google.om
maps-pa.googleapsi.com

# Google Maps - Timeline and Send Location Feature API
semanticlocation-pa.googleapis.com
userlocation.googleapis.com


##
# REQUIRED FOR: MICROSOFT APIs AND SERVICES CONNECTIVITY
##
# General Microsoft APIs and Endpoints required for their services (no telemetry)
nleditor.osi.office.net
ecs.office.com
storage.live.com
admin.onedrive.com
officeclient.microsoft.com
spoprod-a.akamaihd.net
*.lync.com
*.sfbassets.com
*.urlp.sfbassets.com
skypemaprdsitus.trafficmanager.net
*.keydelivery.mediaservices.windows.net
*.msecnd.net
*.streaming.mediaservices.windows.net
ajax.aspnetcdn.com
mlccdn.blob.core.windows.net
aka.ms
amp.azure.net
*.users.storage.live.com
*.msedge.net
compass-ssl.microsoft.com
*.tenor.com
ajax.aspnetcdn.com
spoprod-a.akamaihd.net
*.api.microsoftstream.com
*.notification.api.microsoftstream.com
api.microsoftstream.com
web.microsoftstream.com
*.azureedge.net
*.media.azure.net
*.officeapps.live.com
*.online.office.com
office.live.com
*.office.net
*.msftidentity.com
*.msidentity.com
account.activedirectory.windowsazure.com
accounts.accesscontrol.windows.net
adminwebservice.microsoftonline.com
api.passwordreset.microsoftonline.com
autologon.microsoftazuread-sso.com
becws.microsoftonline.com
clientconfig.microsoftonline-p.net
companymanager.microsoftonline.com
device.login.microsoftonline.com
graph.microsoft.com
graph.windows.net
nexus.microsoftonline-p.com
passwordreset.microsoftonline.com
provisioningapi.microsoftonline.com
*.manage.office.com
*.protection.office.com
manage.office.com
protection.office.com
*.portal.cloudappsecurity.com
account.office.net
admin.microsoft.com
home.office.com
portal.office.com
www.office.com
suite.office.net
mlccdn.blob.core.windows.net

# SharePoint
*.sharepointonline.com
cdn.sharepointonline.com
privatecdn.sharepointonline.com
publiccdn.sharepointonline.com
static.sharepointonline.com


# Teams
teams.microsoft.com
*.teams.microsoft.com

# OneNote
*.onenote.com
*cdn.onenote.net

# Skype
ui.skype.com
apps.skype.com
apps.skype.com
pricelist.skype.com
*.skypeforbusiness.com
*.broadcast.skype.com
broadcast.skype.com
*.skype.com

# Microsoft Updates and Windows Store Functionality
displaycatalog.mp.microsoft.com
dl.delivery.mp.microsoft.com
continuum.dds.microsoft.com
c.s-microsoft.com
geo-prod.do.dsp.mp.microsoft.com

# Windows Settings Sync
settings-win.data.microsoft.com

# Windows Location API
inference.location.live.net

# Required for: Microsoft Windows Spotlight API
# Including downloading or updating spotlight images.
arc.msn.com

# Microsoft Login
live.com
microsoftonline.com
login.live.com
login.microsoft.com
login.microsoftonline.com
login.microsoftonline-p.com
login.windows.net
logincert.microsoftonline.com
loginex.microsoftonline.com
login-us.microsoftonline.com
logincdn.msauth.net

# Microsoft Windows Connect Tests
# Blocking these can cause Windows to act strange and think it's not connected to the internet
dns.msftncsi.com
msftncsi.com
www.msftconnecttest.com
www.msftncsi.com
win10.ipv6.microsoft.com
# I thought Microsoft said they were only using their .microsoft tld for Office, 365, and URLs that mattered in face of the user?
# I hardly think connectivity tests falls under this.
connectivity-test.static.microsoft
connectivity-test.usercontent.microsoft
connectivity-test.cloud.microsoft

# OneDrive
g.live.com
onedrive.live.com
oneroute.microsoft.com
1drv.com
1drv.ms
onedrive.ms

# Microsoft Outlook (Email)
outlook.live.com
outlook.office365.com
s.gateway.messenger.live.com
outlook.office.com
*.outlook.office.com
smtp.office365.com
r1.res.office365.com
r3.res.office365.com
r4.res.office365.com
*.outlook.com
*.outlook.office.com
attachments.office.net
*.protection.outlook.com
*.mail.protection.outlook.com

# Microsoft Your Phone Sync
mobile.pipe.aria.microsoft.com

# Office, O365, and Enterprise Functionality
#self.events.data.microsoft.com
office.com
office.net
office365.com
officeclient.microsoft.com
nexusrules.officeapps.live.com
1drv.com
enterprise.activity.windows.com
outlook.office365.com
products.office.com
c.s-microsoft.com
i.s-microsoft.com

# Xbox Functionality - Found on Reddit
attestation.xboxlive.com
cert.mgt.xboxlive.com
def-vef.xboxlive.com
device.auth.xboxlive.com
eds.xboxlive.com
help.ui.xboxlive.com
licensing.xboxlive.com
notify.xboxlive.com
title.auth.xboxlive.com
title.mgt.xboxlive.com
v10.vortex-win.data.microsoft.com
www.msftncsi.com
www.xboxlive.com
xbox.ipv6.microsoft.com
xboxexperiencesprod.experimentation.xboxlive.com
xflight.xboxlive.com
xkms.xbolive.com
xkms.xboxlive.com
xsts.auth.xboxlive.com

# Xbox - Other
client-s.gateway.messenger.live.com

# Microsoft Updates and Windows Store
dl.delivery.mp.microsoft.com
geo-prod.do.dsp.mp.microsoft.com
displaycatalog.mp.microsoft.com
update.microsoft.com.akadns.net
sls.update.microsoft.com.akadns.net
fe3.delivery.dsp.mp.microsoft.com.nsatc.net
tlu.dl.delivery.mp.microsoft.com
ctldl.windowsupdate.com
sls.update.microsoft.com

# Microsoft Your Phone Sync
mobile.pipe.aria.microsoft.com