Boston.com

Hi everyone.

Installed Pi-Hole on my RP3, and went to one of the "test" sites as listed here:

https://pi-hole.net/pages-to-test-ad-blocking-performance/

In particular, I went to https://www.boston.com/ (as per the page's suggestion). That particular site shows ads, everywhere.

Is this normal? I get the "visit this site to show DNS queries", but is the Pi-Hole supposed to block all those ads?

Thanks in advance...

Are you sure that your device is using Pi-hole? Try going to http://pi.hole/admin. If that works, then flush the DNS cache of your device (and if applicable, your browser).

Yes, positive.

I originally forced my machine to use only the Pi-Hole as it's DNS; watched the stats move up from there in the Pi-Hole dashboard. Ads are being blocked, but the ones on Boston.com, and now (I found another site that does the same thing) this one:

Not sure if it's a specific time of ad, or what... very weird behavior.

Try also flushing your cache and visiting the site(s) again.

Flushed cache, still ads everywhere.

Here's something weird; I'm using Chrome 58.0.3029.110 (64-bit) on a Mac. When I use Safari, none of the ads show up. Both browsers had cache cleared out, only Chrome shows the ads. Something else here - if I turn on "AdBlock" in Chrome, it blocks over 60 (!) ads, yet they still show up on the screen.

I would start to wonder if an extension is doing something weird here, but then I realize DNS is being issued network wide, so I can't imagine that'd be it.

Anyone seen this before?

In Chrome (or Chromium-based browsers), you may want to try disabling the QUIC protocol to see if that helps:

Thanks for the suggestion, Jacob.

No dice, unfortunately. I disabled the "flag" in Chrome, blew out the cache, reloaded boston.com; ads galore.

It's not a huge deal, as it only seems to be on sites that deliver ads like they do on boston.com, or http://www.popsci.com/... seems both those sites are either owned by the same company or they use the same ad delivery service.

I'm at a loss...

Due to the way Pi-hole blocks at the DNS level, self-hosted advertisements can't be blocked without blocking the legitimate site...

I can't seem to duplicate the issue though. I'm using Vivaldi and I get this when I load an article:

Screenshot 2017-06-05 12.22.42.png778×394 54.7 KB

Boston.com is serving ads and its images from its subdomains.

For example AD is being served from AD

Image for news story is being served from news story image

The subdomains are different ..

I dont read boston.com but is this the new way to beat adblockers ?

Blocking self-hosted ads makes things much more challenging. It's not impossible, but it is difficult. I'm sure we'll see it more and more as adblocking usage continues to increase. A layered approach usually works well: use Pi-hole to block everything it can, and then follow up with a browser extension.

I just loaded the link "http://boston.com/" and there were some ads. Chrome, Mac, PiHole as my DNS with local recursive resolver. (Went back later with Safari and didn't see as many ads, same PiHole, etc.)

I think they are moving ad-serving in-house. There are a lot more "boston.com" domains here than I recall seeing in the past, and when I first set up a PiHole and tested this site I don't recall this many ads. PiHole isn't blocking the c-*boston.com, and that appears to be how the ads are coming through.

Here's what DNS Thingy reports for the site (loaded the site only, no pre-fetch, no link clicking):

www.google.com
boston.com
www.boston.com
hxyzhas.g00.boston.com
cdn.revcontent.com
c.o0bc.com
realestate.boston.com
static.chartbeat.com
www.googletagservices.com
us-ads.openx.net
www.bostonglobe.com
c-8oqtgrjgwu46x24yyyx2epcpqx78kuqtx2ekq.g00.boston.com
www.sdad.guru
c-8oqtgrjgwu46x24ix2e5inx2epgv.g00.boston.com
c-8oqtgrjgwu46x24ex2eq2dex2eeqo.g00.boston.com
ib.adnxs.com
c-8oqtgrjgwu46x24dx2edquvqpinqdgogfkcx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24yyyx2eiqqingvciugtx78kegux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24uvcvkex2eejctvdgcvx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24cfugtx78kegx2eiqqingx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ex2ecocbqp-cfuauvgox2eeqo.g00.boston.com
c-8oqtgrjgwu46x24dquvqpinqdgx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24yyyx2edquvqpinqdgx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24tgcnguvcvgx2edquvqpx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24eqppgevx2ehcegdqqmx2epgv.g00.boston.com
c-8oqtgrjgwu46x24uogvtkeux2edquvqpx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24rkpix2eejctvdgcvx2epgv.g00.boston.com
c-8oqtgrjgwu46x24eqpuwogtx2emtzfx2epgv.g00.boston.com
c-8oqtgrjgwu46x24efpx2emtzfx2epgv.g00.boston.com
c-8oqtgrjgwu46x24ocdx2eejctvdgcvx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24yyyx2ehcegdqqmx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24yyyx2eiqqingx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24yyyx2eiqqingcrkux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24wugtocvejx2emtzfx2epgv.g00.boston.com
idsync.rlcdn.com
stags.bluekai.com
c-8oqtgrjgwu46x24udx2eueqtgectftgugctejx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24wx2eqrgpzx2epgv.g00.boston.com
c-8oqtgrjgwu46x24vqmgpx2etwdkeqprtqlgevx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ux2ecezkqocrcex2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ux2ecocbqp-cfuauvgox2eeqo.g00.boston.com
c-8oqtgrjgwu46x24wu-wx2eqrgpzx2epgv.g00.boston.com
c-8oqtgrjgwu46x24cefpx2ecfpzux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ugewtgrwdcfux2eix2efqwdngenkemx2epgv.g00.boston.com
c-8oqtgrjgwu46x24vrex2eiqqinguapfkecvkqpx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ocdrkpix2eejctvdgcvx2epgv.g00.boston.com
c-8oqtgrjgwu46x24dgceqpx2emtzfx2epgv.g00.boston.com
c-8oqtgrjgwu46x24rzx2eqypgtksx2epgv.g00.boston.com
c-8oqtgrjgwu46x24trx2eiycnngvx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24gkeo-inqdcnx2efurx2ekq.g00.boston.com
c-8oqtgrjgwu46x24cfx2evwtpx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ugewtgx2ecfpzux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24rcigcf4x2eiqqinguapfkecvkqpx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24cx2evgcfux2evx78.g00.boston.com
c-8oqtgrjgwu46x24gw-wx2eqrgpzx2epgv.g00.boston.com
metric-agent.i10c.net
c-8oqtgrjgwu46x24lcfugtx78gx2erquvtgngcugx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ccz-wu-gcuvx2ecocbqp-cfuauvgox2eeqo.g00.boston.com
c-8oqtgrjgwu46x24fjx2eugtx78kpi-uaux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24rt-djx2eadrx2eacjqqx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24efpx2evgcfux2evx78.g00.boston.com
c-8oqtgrjgwu46x24vx2ecnnoqfgtpx2eeqo.g00.boston.com
csp.yahoo.com
c-8oqtgrjgwu46x24kdx2ecfpzux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24wuy-nczx2ecfutx78tx2eqti.g00.boston.com
c-8oqtgrjgwu46x24ux2eakoix2eeqo.g00.boston.com
tags.bluekai.com
c-8oqtgrjgwu46x24cfx2efqwdngenkemx2epgv.g00.boston.com
c-8oqtgrjgwu46x24ux2evjgdtkijvvcix2eeqo.g00.boston.com
c-8oqtgrjgwu46x24korx2egozfivx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24dqwpegx2egozfivx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24eox2eix2efqwdngenkemx2epgv.g00.boston.com
c-8oqtgrjgwu46x24u2x2e4ofpx2epgv.g00.boston.com
c-8oqtgrjgwu46x24ejqkegux2evtwuvgx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24c-ulqx2e3tzx2ekq.g00.boston.com
c-8oqtgrjgwu46x24dkfftx2edtgcnvkogx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24tvd-ecx2eqrgpzx2epgv.g00.boston.com
c-8oqtgrjgwu46x24iqqingcfu6x2eix2efqwdngenkemx2epgv.g00.boston.com
c-8oqtgrjgwu46x24rx2ecfuaorvqvkex2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ex2ecfuaorvqvkex2eeqo.g00.boston.com
c-8oqtgrjgwu46x24jwddngx2evoorx2ekq.g00.boston.com
c-8oqtgrjgwu46x24rkzgnx2eu5zkhkgfx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24cfux2ecnvkvwfg-ctgpcx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24rkzgnx2ecfx78gtvkukpix2eeqo.g00.boston.com
c-8oqtgrjgwu46x24uapex2e3tzx2ekq.g00.boston.com
c-8oqtgrjgwu46x24ocvejx2ertqfx2edkftx2ekq.g00.boston.com
c-8oqtgrjgwu46x24fgnkx78gtax2eenkemqpqogvtkeux2ern.g00.boston.com
c-8oqtgrjgwu46x24cfx2echa33x2epgv.g00.boston.com
c-8oqtgrjgwu46x24tvd-uapex2efcujdkfx2ekq.g00.boston.com
c-8oqtgrjgwu46x24tvdx2eiwoiwox2eeqo.g00.boston.com
c-8oqtgrjgwu46x24cfux2euvkemacfuvx78x2eeqo.g00.boston.com
c-8oqtgrjgwu46x24cfux2emkqumgfx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24eux2enmsfx2epgv.g00.boston.com
c-8oqtgrjgwu46x24uapex2eoqpctejcfux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24tvdx2epcvkx78gcfux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24tvdx2epwkx2eogfkc.g00.boston.com
image2.pubmatic.com
simage2.pubmatic.com
c-8oqtgrjgwu46x24djx2eeqpvgzvygdx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ex2efgrnqacfux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24uapex2eurtkpiugtx78gx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24rkzgnx2etwdkeqprtqlgevx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24tvd-euapex2euoctvcfugtx78gtx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24uapex2eiqx2euqpqdkx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24uapex2ecfmgtpgnx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24egx2enklkvx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24uapex2eugctejx2eurqvzejcpigx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24fgnkx78gtax2ejx2euykvejcfjwdx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ocvejx2ecfutx78tx2eqti.g00.boston.com
c-8oqtgrjgwu46x24uapex2evgcfux2evx78.g00.boston.com
c-8oqtgrjgwu46x24gd4x2e5nkhvx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24wfougtx78gx2epgv.g00.boston.com
c-8oqtgrjgwu46x24cfux2efgnkx78gtkorx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24zx2edkfuykvejx2epgv.g00.boston.com
c-8oqtgrjgwu46x24cqtvcx2eenkemciax2eeqo.g00.boston.com
c-8oqtgrjgwu46x24ocvejx2edcugdcppgtx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24wugtuapex2em0ux2eyfex2eunx2ei4vtmx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24uape-vox2egx78gtguvvgejx2epgv.g00.boston.com
c-8oqtgrjgwu46x24uapex2eocvjvcix2eeqo.g00.boston.com
c-8oqtgrjgwu46x24cx2efroutx78x2eeqo.g00.boston.com
c-8oqtgrjgwu46x24eux2ehhdvcux2eeqo.g00.boston.com
c-8oqtgrjgwu46x24efpx2ecftvcx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24rox2ey77ex2epgv.g00.boston.com
c-8oqtgrjgwu46x24vtx2ednkuogfkcx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24eokx2epgvuggtx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24e3x2ecfhqtox2epgv.g00.boston.com
c-8oqtgrjgwu46x24cczx2ecocbqp-cfuauvgox2eeqo.g00.boston.com
c-8oqtgrjgwu46x24rznx2eeqppgzkvax2epgv.g00.boston.com
c-8oqtgrjgwu46x24uapex2egzvgpfx2evx78.g00.boston.com
c-8oqtgrjgwu46x24ocvejx2efggrkpvgpvx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24qzrx2egogcx2eozrvkpvx2epgv.g00.boston.com
c-8oqtgrjgwu46x24ejqkegux2evtwuvctex2eeqo.g00.boston.com
c-8oqtgrjgwu46x24krx788x2ecftvcx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24cftvcx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24cfgx2eiqqinguapfkecvkqpx2eeqo.g00.boston.com
c-8oqtgrjgwu46x24iqqingcfux2eix2efqwdngenkemx2epgv.g00.boston.com
c-8oqtgrjgwu46x24yyyx2eiuvcvkex2eeqo.g00.boston.com
c-8oqtgrjgwu46x24dgcr-dex2eacjqqx2eeqo.g00.boston.com
ajax.googleapis.com

Yeah, so you can easily add all these domains to the blocklist. Pi-hole has no problem blocking subdomains, but as you've just demonstrated, the subdomains are non-sensical and there are a ton of them. Blacklisting them individually may just be an exercise in futility if they decide to make a new subdomain or continue to randomly generate and cycle through them.

Regex blocking will help with this.

The majority of sites out there will not be self hosting ads for some time because it's easier to just use a third party. The bigger players like Google and Facebook don't have much problem doing this though.

Interestingly, the behavior I see with Safari Mac is different than Chrome Mac. With the Safari browser, none of the funky subdomains from boston.com are loading, and I don't see the ads. I don't have an equivalent of DNS Thingy on this browser, so I can't easily see the list of domains being loaded. It does appear that the coding of the html gets a different result depending on the browser.

No ads in Safari, ads in Chrome. Same PiHole, same blacklists, etc.

The query log on PiHole from Safari is much shorter than the query log from Chrome for the boston.com site, so the Safari browser is not making the same DNS requests and the ads aren't being served.

regex blocking will not help..
they are serving images on their site with the same pattern.

the "random" string within the subdomain changes for ads vs images with only a few characters different between the two.. the fact that its random makes regex matching pointless.

i am new to pihole so cant offer many suggestions .
the only way i can think of is a scraper that runs every day & gets the current ad domains & blocks them , if you were to go with a DNS based approach

But the way to attack this would be to borrow a page from ad blockers who seem to zap them ( firefox + ublock )

What browser and OS are you running where you see the ads?

chrome 69.0.3472.3 (Official Build) dev (64-bit) in guest mode .. osx

Try Safari and see if you see ads on that site. I'm running Version 11.1.1 (13605.2.8) on OS X 10.13.5.

safari shows the ads & query log, at pihole , shows the same c*.g00.boston.com domains

Interesting. With Safari on my Mac I see none of the ads or queries to the subdomains. I'll have to find the time to read the html and see why it's different than with Chrome.

On Safari for that website, have you enabled content blockers? That's the only obvious setting I see that would result in this behavior. Pop-ups blocked, prevent cross-site tracking, ask websites not to track all selected on my Safari.

will try those settings with safari.

Very interesting that with firefox dev edition , they are serving images from a different domain.using firefox