Commonly Whitelisted Domains

whitelisting
#20

Try taking a look at this page for a batch command line option and more whitelisting suggestions:

Also, once you’re inside the web interface, you can navigate to the the white list section and simply copy and paste all of sites in one go.

1 Like

#21

We should add this to Whitelist too:

wdcp.microsoft.com

(from https://docs.microsoft.com/en-us/windows/privacy/manage-windows-endpoints):

This endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device will not use Cloud-based Protection.

wdcpalt.microsoft.com
(From https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus).

Used by Windows Defender Antivirus to provide cloud-delivered protection

tsfe.trafficshaping.dsp.mp.microsoft.com
(From https://docs.microsoft.com/en-us/windows/privacy/windows-endpoints-1803-non-enterprise-editions + https://docs.microsoft.com/en-us/windows/privacy/manage-windows-endpoints):

This endpoint is used for content regulation. If you turn off traffic for this endpoint, the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all.

0 Likes

#22

Anyone know of problems resetting/setting-up slingbox when pi-hole is active? Are there specific slingbox domains that need to be whitelisted?

0 Likes

#23

you have to whitelist .bea4.v.fwmrm.net for mobile CNN videos to load. I am trying to figure out what to whitelist to get CNET videos to load now.

0 Likes

#24

How does one go about editing the wiki in this thread?
I will make a second post with my contributions grouped, until I figure this out and can merge them with the primary post.

0 Likes

#25

Roku - ETWN App
Symptom: Episode thumbnails were not loading when blocked.

pihole -w f1.media.brightcove.com

iOS - Ubiquiti WifiMan
Symptom: Red warning stating ip-api.com cannot be reached.

pihole -w pro.ip-api.com
pihole -w reports.crashlytics.com
0 Likes

#26

Click the edit button at the bottom of the post.

0 Likes

#27

Not sure if this is where I need to add this but vudu needs apicache.vudu.com whitelisted in order to work

0 Likes

#28

I was able to get CNN videos to load using data.cnn.com. I now have the following for CNN: www.cnn.com, cnn.com, cdn.cnn.com and data.cnn.com.
I found this by watching the Query Log when attempting to watch a video.

0 Likes

#29

A couple things:
for xbox live messages to work, I had to whitelist:
client-s.gateway.messenger.live.com
For ‘messages for web’ to display a qr code I had to whitelist:
www.google-analytics.com
There were a couple others I whitelisted to get the qr code to appear but this one actually worked after the whitelist.

0 Likes

#30

Just in case anyone else ran into Twitter embeds not working in Google News for iOS, whitelisting cdn.syndication.twimg.com worked for me.

0 Likes

#31

Scratch Editor
Symptom: Crash of the Editor/“Non supported navigator” message.
pihole -w www.google-analytics.com

0 Likes

#32

As of last week Live Achievements stopped updating and v20.events.data.microsoft.com is being blocked in the Pi-hole logs. Adding this to the whitelist restored Live Achievements updates.

pihole -w v20.events.data.microsoft.com

1 Like

#33

I was unable to load google maps data (photos, maps, locations, location info, etc) until reaching a timeout (15-20 seconds) without unblocking app-measurement.com

Anyone else?

0 Likes

#34

Access to OneDrive from within Office365 apps

A login loop was resulting from accessing OneDrive from within Office365 apps continually asking for Microsoft username and password. This seems to be resolved via whitelisting login.microsoftonline.com . Please also see this Reddit post:
Microsoft Office 365 Blocked : Pihole

0 Likes

#35

Facebook on iOS needs b-graph.facebook.com whitelisted in order to login to the app. Editing post to add this entry now.

0 Likes

#36

Twitch Client
Wont Work Unless you Whitelist and it can be more didn’t Test that much
From what i can tell this was implemented on the last version of Twitch Client

pihole -w s.amazon-adsystem.com
pihole -w c.amazon-adsystem.com
pihole -w countess.twitch.tv
pihole -w pubsub-edge.twitch.tv
pihole -w cdn-gl.imrworldwide.com
1 Like

#37

Apple Music streaming tracks not playing with (s.mzstatic.com) blocked.

Only realised when removing the SIM card out of my daughters iPhone her music stopped working with error “could not connect to server”

If you allow Apple Music to use mobile data, even when in wifi mode; if it can’t connect that way it will automatically fall back to mobile data.

So yeah we all allow mobile data, so never realised. Will now add to wiki.

Cheers.

0 Likes

#38

I’m blocked from using Zelle within Citibank online. I see these logs, how do I whitelist these *.online-metrix.net?

Apr  1 21:33:05 dnsmasq[16398]: query[A] h-online.citi.online-metrix.net from my.ip.ad.dr
Apr  1 21:33:05 dnsmasq[16398]: forwarded h-online.citi.online-metrix.net to 1.0.0.1
Apr  1 21:33:05 dnsmasq[16398]: reply h-online.citi.online-metrix.net is 192.225.159.21
Apr  1 21:33:06 dnsmasq[16398]: query[A] 89oebq5k-84efa02cae5be555b16349b8d9ad71aea395c8f1-sac.d.aa.online-metrix.net from my.ip.ad.dr
Apr  1 21:33:06 dnsmasq[16398]: forwarded 89oebq5k-84efa02cae5be555b16349b8d9ad71aea395c8f1-sac.d.aa.online-metrix.net to 1.0.0.1
Apr  1 21:33:06 dnsmasq[16398]: reply 89oebq5k-84efa02cae5be555b16349b8d9ad71aea395c8f1-sac.d.aa.online-metrix.net is 192.225.158.3
Apr  1 21:33:07 dnsmasq[16398]: query[A] aa.online-metrix.net from my.ip.ad.dr
Apr  1 21:33:07 dnsmasq[16398]: forwarded aa.online-metrix.net to 1.0.0.1
Apr  1 21:33:07 dnsmasq[16398]: reply aa.online-metrix.net is 192.225.158.2
Apr  1 21:33:07 dnsmasq[16398]: query[A] device-metrics-us.amazon.com from 10.141.165.190
Apr  1 21:33:10 dnsmasq[16398]: reply a239.gi3.akamai.net is 23.223.157.146
Apr  1 21:33:10 dnsmasq[16398]: reply a239.gi3.akamai.net is 23.223.157.138
Apr  1 21:33:22 dnsmasq[16398]: query[PTR] 66.165.141.10.in-addr.arpa from my.ip.ad.dr
Apr  1 21:33:22 dnsmasq[16398]: forwarded 66.165.141.10.in-addr.arpa to 10.141.165.1
Apr  1 21:33:22 dnsmasq[16398]: reply my.ip.ad.dr is mymac.com
Apr  1 21:33:31 dnsmasq[16398]: query[A] www.citi.com from my.ip.ad.dr
Apr  1 21:33:31 dnsmasq[16398]: forwarded www.citi.com to 1.0.0.1
Apr  1 21:33:31 dnsmasq[16398]: reply www.citi.com is <CNAME>
Apr  1 21:33:31 dnsmasq[16398]: reply san.www.citi.com.edgekey.net is <CNAME>
Apr  1 21:33:31 dnsmasq[16398]: reply e16976.x.akamaiedge.net is 184.87.60.148
Apr  1 21:33:32 dnsmasq[16398]: query[A] nexus.ensighten.com from my.ip.ad.dr
Apr  1 21:33:32 dnsmasq[16398]: /etc/pihole/gravity.list nexus.ensighten.com is 0.0.0.0
Apr  1 21:33:34 dnsmasq[16398]: query[A] citi.bridgetrack.com from my.ip.ad.dr
Apr  1 21:33:34 dnsmasq[16398]: /etc/pihole/gravity.list citi.bridgetrack.com is 0.0.0.0
Apr  1 21:33:35 dnsmasq[16398]: query[A] h-online.citi.online-metrix.net from my.ip.ad.dr
Apr  1 21:33:35 dnsmasq[16398]: forwarded h-online.citi.online-metrix.net to 1.0.0.1
Apr  1 21:33:35 dnsmasq[16398]: reply h-online.citi.online-metrix.net is 192.225.159.21

Apr  1 21:35:39 dnsmasq[16398]: reply e17437.dscb.akamaiedge.net is 96.17.64.147
Apr  1 21:35:44 dnsmasq[16398]: query[A] nexus.ensighten.com from my.ip.ad.dr
Apr  1 21:35:44 dnsmasq[16398]: /etc/pihole/gravity.list nexus.ensighten.com is 0.0.0.0
Apr  1 21:35:45 dnsmasq[16398]: query[A] citi.com.ssl.sc.omtrdc.net from my.ip.ad.dr
Apr  1 21:35:45 dnsmasq[16398]: forwarded citi.com.ssl.sc.omtrdc.net to 1.0.0.1
Apr  1 21:35:45 dnsmasq[16398]: reply citi.com.ssl.sc.omtrdc.net is 66.235.128.243
Apr  1 21:35:48 dnsmasq[16398]: query[A] 89oebq5k-107474e8b81618c442670eeb96048b53ce8de570-sac.d.aa.online-metrix.net from my.ip.ad.dr
Apr  1 21:35:48 dnsmasq[16398]: forwarded 89oebq5k-107474e8b81618c442670eeb96048b53ce8de570-sac.d.aa.online-metrix.net to 1.0.0.1
Apr  1 21:35:48 dnsmasq[16398]: reply 89oebq5k-107474e8b81618c442670eeb96048b53ce8de570-sac.d.aa.online-metrix.net is 192.225.158.3
Apr  1 21:35:11 dnsmasq[16398]: query[A] h-online.citi.online-metrix.net from my.ip.ad.dr
Apr  1 21:35:11 dnsmasq[16398]: forwarded h-online.citi.online-metrix.net to 1.0.0.1
Apr  1 21:35:11 dnsmasq[16398]: reply h-online.citi.online-metrix.net is 192.225.159.21
Apr  1 21:35:22 dnsmasq[16398]: query[A] nexus.ensighten.com from my.ip.ad.dr
Apr  1 21:35:22 dnsmasq[16398]: /etc/pihole/gravity.list nexus.ensighten.com is 0.0.0.0
Apr  1 21:35:22 dnsmasq[16398]: query[A] mpsnare.iesnare.com from my.ip.ad.dr
Apr  1 21:35:22 dnsmasq[16398]: /etc/pihole/gravity.list mpsnare.iesnare.com is 0.0.0.0
Apr  1 21:35:23 dnsmasq[16398]: query[A] h-online.citi.online-metrix.net from my.ip.ad.dr
Apr  1 21:35:23 dnsmasq[16398]: forwarded h-online.citi.online-metrix.net to 1.0.0.1
Apr  1 21:35:23 dnsmasq[16398]: reply h-online.citi.online-metrix.net is 192.225.159.21
Apr  1 21:35:28 dnsmasq[16398]: query[A] 89oebq5k-a730336c3ac398cc37058315f73ff25b1bbd143a-sac.d.aa.online-metrix.net from my.ip.ad.dr
Apr  1 21:35:28 dnsmasq[16398]: forwarded 89oebq5k-a730336c3ac398cc37058315f73ff25b1bbd143a-sac.d.aa.online-metrix.net to 1.0.0.1
Apr  1 21:35:28 dnsmasq[16398]: reply 89oebq5k-a730336c3ac398cc37058315f73ff25b1bbd143a-sac.d.aa.online-metrix.net is 192.225.158.3
Apr  1 21:35:28 dnsmasq[16398]: query[A] aa.online-metrix.net from my.ip.ad.dr
Apr  1 21:35:28 dnsmasq[16398]: forwarded aa.online-metrix.net to 1.0.0.1
Apr  1 21:35:28 dnsmasq[16398]: reply aa.online-metrix.net is 192.225.158.2

All this Reddit thread suggests to WL nexus.ensighten.com, agreed?

0 Likes

#39

Hi, could you please help me out how can I add this list in pi-hole as I am running in docker. Thank you so much

0 Likes