My Pi hole is not blocking ads

Please follow the below template, it will help us to help you!

Expected Behaviour:

[Replace this text with what you think should be happening]

Actual Behaviour:

[replace this text with what is actually happening]

Debug Token:

[Replace this text with the debug token provided from running pihole -d (or running the debug script through the web interface]

Hallo, I installed pi hole to block ads throughout the network at home on Raspberry. Now I am seeing the ads on some websites. I am totally frustrated. Before I was using tomato firmware on Netgear r7000 . In that ad blocking settings the ads were not showing up. But in pi hole is showing.
Here is my token id from my log.
https://tricorder.pi-hole.net/77fz3jbucz

Pls help me

Your Pi-Hole debug log shows that Pi-Hole is properly processing received DNS queries and blocking those domains on blocklist. There are several possibilities for why you are seeing ads on some websites.

1. The ads are being served from the same domains as the content. Since Pi-Hole is a domain blocker, if the domains are allowed for the content they are also allowed for the ads.

2. Some of your DNS traffic may be bypassing Pi-Hole. Your debug log shows the following activity on your Pi-Hole in the previous 24 hours. How many clients are on your network? How do you have your router and/or clients configured to use Pi-Hole as DNS server?

 [2019-07-13 23:10:07.439 14159] Imported 2119 queries from the long-term database
   [2019-07-13 23:10:07.439 14159]  -> Total DNS queries: 2119
   [2019-07-13 23:10:07.439 14159]  -> Cached DNS queries: 1183
   [2019-07-13 23:10:07.439 14159]  -> Forwarded DNS queries: 705
   [2019-07-13 23:10:07.439 14159]  -> Exactly blocked DNS queries: 206
   [2019-07-13 23:10:07.439 14159]  -> Unknown DNS queries: 25
   [2019-07-13 23:10:07.439 14159]  -> Unique domains: 131
   [2019-07-13 23:10:07.439 14159]  -> Unique clients: 2
   [2019-07-13 23:10:07.439 14159]  -> Known forward destinations: 4

Also noted in your debug log, but unrelated to this problem. You have the URL "I" listed in your list of blocklists. This is not a valid domain and may cause problems loading blocklists.

-rw-r--r-- 1 root root 2853 Jul 13 22:54 /etc/pihole/adlists.list
   https://dbl.oisd.nl/
   https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
   I

Oh thanks for your early reply. i am Little bit relieved that my Setup works as expected. I was about to go back with my previous Setup of Tomato Router (Netgear-R7000).
Now i would like to fine tune the Setup so that it bloks everything ad related in a Webpage.
i tried to open wccftech/Timesofindia/cnx-software.com in every page there was an ad atleast one Floating totally unelated and doing ist Job of Advertising.
i tried a ad blocking Website to check hether my Setup i working. But it failed to block the ad displayed on the left side. From that i kno my Setup is not working.
Can we also use Host based ad blocking on Pi-hole ? is it possible ?
Now i have Setup my Router with Primary DNS Server as the IP Address of Pi-Hole and enabled DHCP-Server on Raspberry. What i dont understand is that i cant Switch off the DHCP in my Router. there is not Option to Switch it off ! i am using Speedport 724V Deutsche Telekom Router.
I simply Need an effective Ad-Blocker and i know that Pi-Hole is one. But all i Need is the perfect Setting so that it functions as it should.
All i need here is little bit of Help from experts like you. i am a total Noob(Technology is not my field of Work).
Hoping for the best Support from you and from this Forum. Thanks.

What is the exact URL (the one you posted does not lead to a web page)? With that, we can load the page and see what is going on.

This does not necessarily indicate your setup is not working. They may be serving ads from the same domain as the content, which is difficult to block with a domain blocker such as Pi-Hole.

These tools can help you determine where ads are being served from:

Pi-Hole blocklists are in HOSTS format, if this is what you are referring to.

Here is the proof of website where ads are still being displayed.
https://ads-blocker.com/testing/

wccftech.com, timesifindia.com, cnx-software.com

Can you post a screen shot of what you see on that page? When I load the page, I see no ads, so cannot duplicate your problem.

Do you see ads on all devices, just one device, all browsers or just one browser, etc.

I see no ads on the first and third links. The middle link would not load, it was blocked by Pi-Hole (redirects to park.above.com) since that domain is on several blocklists.

Additional info. Using the ADAMNetworks extension on Google Chrome (formerly DNSThingy), the following domains are shown as requested for site wccftech.com:

* wccftech.com
* cdn.wccftech.com
* cdn.nsstatic.com
* img.youtube.com
* quantcast.mgr.consensu.org
* fonts.gstatic.com
* g.pcmag.com
* cdn.static.zdbb.net
* secure-us.imrworldwide.com
* www.googletagservices.com
* native.sharethrough.com
* gurgle.zdbb.net
* ns.zdbb.net
* connect.facebook.net
* api.traq.li
* www.facebook.com
* www.google-analytics.com
* wccftech.disqus.com

The resulting activity in the Pi-Hole query log (there may be some contamination of the query log as other processes are running on the client computer and may have snuck a few queries in):

15:55:45 dnsmasq[11783]: query[A] wccftech.disqus.com from 192.168.0.135
15:55:45 dnsmasq[11783]: cached wccftech.disqus.com is <CNAME>
15:55:45 dnsmasq[11783]: cached prod.disqus.map.fastlylb.net is 151.101.184.134
15:55:45 dnsmasq[11783]: query[A] www.google-analytics.com from 192.168.0.135
15:55:45 dnsmasq[11783]: gravity www.google-analytics.com is 0.0.0.0
15:55:45 dnsmasq[11783]: query[A] quantcast.mgr.consensu.org from 192.168.0.135
15:55:45 dnsmasq[11783]: gravity quantcast.mgr.consensu.org is 0.0.0.0
15:55:45 dnsmasq[11783]: query[A] connect.facebook.net from 192.168.0.135
15:55:45 dnsmasq[11783]: cached connect.facebook.net is <CNAME>
15:55:45 dnsmasq[11783]: cached scontent.xx.fbcdn.net is 69.171.250.25
15:55:45 dnsmasq[11783]: query[A] g.pcmag.com from 192.168.0.135
15:55:45 dnsmasq[11783]: forwarded g.pcmag.com to 127.0.0.1
15:55:45 dnsmasq[11783]: query[A] sb.scorecardresearch.com from 192.168.0.135
15:55:45 dnsmasq[11783]: gravity sb.scorecardresearch.com is 0.0.0.0
15:55:45 dnsmasq[11783]: query[A] cdn.static.zdbb.net from 192.168.0.135
15:55:45 dnsmasq[11783]: gravity cdn.static.zdbb.net is 0.0.0.0
15:55:45 dnsmasq[11783]: query[A] secure-us.imrworldwide.com from 192.168.0.135
15:55:45 dnsmasq[11783]: gravity secure-us.imrworldwide.com is 0.0.0.0
15:55:45 dnsmasq[11783]: query[A] ns.zdbb.net from 192.168.0.135
15:55:45 dnsmasq[11783]: gravity ns.zdbb.net is 0.0.0.0
15:55:45 dnsmasq[11783]: query[A] native.sharethrough.com from 192.168.0.135
15:55:45 dnsmasq[11783]: gravity native.sharethrough.com is 0.0.0.0
15:55:45 dnsmasq[11783]: query[A] gurgle.zdbb.net from 192.168.0.135
15:55:45 dnsmasq[11783]: gravity gurgle.zdbb.net is 0.0.0.0
15:55:45 dnsmasq[11783]: reply g.pcmag.com is <CNAME>
15:55:45 dnsmasq[11783]: reply geo.ziffdavisinternational.com.edgekey.net is <CNAME>
15:55:45 dnsmasq[11783]: reply e5042.dsce2.akamaiedge.net is 184.30.25.70
15:55:45 dnsmasq[11783]: query[A] api.traq.li from 192.168.0.135
15:55:45 dnsmasq[11783]: cached api.traq.li is <CNAME>
15:55:45 dnsmasq[11783]: cached api-traq-li-v2.westus2.cloudapp.azure.com is 52.183.19.96
15:55:45 dnsmasq[11783]: query[A] www.facebook.com from 192.168.0.135
15:55:45 dnsmasq[11783]: cached www.facebook.com is <CNAME>
15:55:45 dnsmasq[11783]: cached star-mini.c10r.facebook.com is 31.13.93.35
15:55:46 dnsmasq[11783]: query[A] disqus.com from 192.168.0.135
15:55:46 dnsmasq[11783]: cached disqus.com is 151.101.64.134
15:55:46 dnsmasq[11783]: cached disqus.com is 151.101.0.134
15:55:46 dnsmasq[11783]: cached disqus.com is 151.101.128.134
15:55:46 dnsmasq[11783]: cached disqus.com is 151.101.192.134
15:55:46 dnsmasq[11783]: query[A] c.disquscdn.com from 192.168.0.135
15:55:46 dnsmasq[11783]: cached c.disquscdn.com is <CNAME>
15:55:46 dnsmasq[11783]: cached c.disquscdn.com.cdn.cloudflare.net is 104.16.80.166
15:55:46 dnsmasq[11783]: cached c.disquscdn.com.cdn.cloudflare.net is 104.16.76.166
15:55:46 dnsmasq[11783]: cached c.disquscdn.com.cdn.cloudflare.net is 104.16.79.166
15:55:46 dnsmasq[11783]: cached c.disquscdn.com.cdn.cloudflare.net is 104.16.78.166
15:55:46 dnsmasq[11783]: cached c.disquscdn.com.cdn.cloudflare.net is 104.16.77.166

Load the same page while tailing your Pi-Hole log (pihole -t from the Linux command line) and see if you have similar activity. If you do not, then the DNS queries are going elsewhere and not to Pi-Hole. Note that the 0.0.0.0 replies indicate the domain was blocked by Pi-Hole.

Here is the proof that after adding many block lists URLs the ads are still sneaking out. Example screenshot from wccftech.com ...
Pls have a look and tell me if possible to block such tiny ads in a website.

One more proof from cnx-software.com website showing bid add at the beginning....

And this is my number of bloodlust URLs that are capable of blocking ads....

In my tomato router none of these ads were displaying.... Is there a better solution for blocking such small irritating ads? I don't think these ads are coming from same domain as websites...

AdChoices ads generally are injected into the website by a script on the same domain as the website.

Personally I have never had much joy in blocking those particular ads using Pi-hole alone.

Ad Testing Website still showing ads which means that my ad blocking setup is ineffective. I could block such mini ads using tomato firmware on Netgear using less block URLs

As I noted in a previous reply, using a stock install of Pi-Hole and Google Chrome browser on a Mac, I don't see those ads.

Did you use any of the tools I mentioned to see if your DNS traffic is going through Pi-Hole? If it is not, then Pi-Hole will not be effective blocking ads, as the queries will bypass Pi-Hole.

I suspect that some or all of your DNS traffic is bypassing Pi-Hole.

What did the tail of your Pi-Hole log show?

Here is the log of my pi hole

https://tricorder.pi-hole.net/k5vufk6ewp
Can you pls check it and let me know what is the problem?
Can you guide me which DNS upload servers you have chosen? Or what is the correct way to configure those DNS settings in my pi hole for ad blocking ?

This is the debug log, which we have already reviewed and found no problems. This new debug log also shows no problems.

As noted in previous replies to your post, the problem is likely with the client/router configuration of DNS, resulting in DNS queries going somewhere other than Pi-Hole. Thus, Pi-Hole does not have an opportunity to filter those DNS queries.

What was the output of pihole -t (tailing the Pi-Hole log) when you loaded the wccftech.com website? That information will help us help you.

Also, run nslookup pi.hole from the connected client where you are seeing the ads and post the output.

I can't login using SSH . I don't know why. I have put SSH file in root folder. What am I doing wrong. Only if I can login through SSH then I can give you the output of pihole -t.
Thanks for your help...

Here is the output of pihole -t when I loaded www.cnx-software.com

pi@raspberrypi:~ $ pihole -t
[i] Press Ctrl-C to exit
21:04:18 dnsmasq[668]: reply api.github.com is NODATA-IPv6
21:04:18 dnsmasq[668]: reply api.github.com is 140.82.118.6
21:04:19 dnsmasq[668]: query[A] api.github.com from 127.0.0.1
21:04:19 dnsmasq[668]: cached api.github.com is 140.82.118.6
21:04:19 dnsmasq[668]: query[AAAA] api.github.com from 127.0.0.1
21:04:19 dnsmasq[668]: cached api.github.com is NODATA-IPv6
21:04:19 dnsmasq[668]: query[A] api.github.com from 127.0.0.1
21:04:19 dnsmasq[668]: cached api.github.com is 140.82.118.6
21:04:19 dnsmasq[668]: query[AAAA] api.github.com from 127.0.0.1
21:04:19 dnsmasq[668]: cached api.github.com is NODATA-IPv6
21:05:00 dnsmasq[668]: query[PTR] 1.0.0.1.in-addr.arpa from 127.0.0.1
21:05:00 dnsmasq[668]: forwarded 1.0.0.1.in-addr.arpa to 1.1.1.1
21:05:00 dnsmasq[668]: reply 1.0.0.1 is one.one.one.one
21:05:00 dnsmasq[668]: query[PTR] 1.1.1.1.in-addr.arpa from 127.0.0.1
21:05:00 dnsmasq[668]: forwarded 1.1.1.1.in-addr.arpa to 1.1.1.1
21:05:00 dnsmasq[668]: reply 1.1.1.1 is one.one.one.one

And output from nslookup.pihole is

pi@raspberrypi:~ $ nslookup pi.hole
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: pi.hole
Address: 192.168.2.100
Name: pi.hole
Address: 2003:d6:7f1b:3d40:e869:f69a:d9c6:32e0

Does it help you solve my problem?
It is still showing ads on these websites.... www.wccftech.com, www.cnx-software.com and also in ad testing website....
I need help pls.
Thanks in advance

I got one more output just now while trying to open wccftech
Here is the output:

pi@raspberrypi:~ $ pihole -t
[i] Press Ctrl-C to exit
21:20:26 dnsmasq[1140]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop-detect inotify dumpfile
21:20:26 dnsmasq-dhcp[1140]: DHCP, IP range 192.168.2.201 -- 192.168.2.251, lease time 1d
21:20:26 dnsmasq[1140]: using nameserver 192.168.2.1#53
21:20:26 dnsmasq[1140]: using nameserver 1.0.0.1#53
21:20:26 dnsmasq[1140]: using nameserver 1.1.1.1#53
21:20:26 dnsmasq[1140]: read /etc/hosts - 5 addresses
21:20:26 dnsmasq[1140]: read /etc/pihole/local.list - 4 addresses
21:20:26 dnsmasq[1140]: failed to load names from /etc/pihole/black.list: No such file or directory
21:20:36 dnsmasq[1140]: read /etc/pihole/gravity.list - 1231837 addresses
21:20:36 dnsmasq-dhcp[1140]: not giving name raspberrypi to the DHCP lease of 2003:d6:7f1b:3d49::135 because the name exists in /etc/pihole/local.list with address 2003:d6:7f1b:3d40:e869:f69a:d9c6:32e0
21:21:00 dnsmasq[1140]: query[PTR] b.4.4.0.1.a.5.c.5.c.8.a.e.e.1.3.9.4.d.3.b.1.f.7.6.d.0.0.3.0.0.2.ip6.arpa from 127.0.0.1
21:21:00 dnsmasq[1140]: forwarded b.4.4.0.1.a.5.c.5.c.8.a.e.e.1.3.9.4.d.3.b.1.f.7.6.d.0.0.3.0.0.2.ip6.arpa to 192.168.2.1
21:21:00 dnsmasq[1140]: forwarded b.4.4.0.1.a.5.c.5.c.8.a.e.e.1.3.9.4.d.3.b.1.f.7.6.d.0.0.3.0.0.2.ip6.arpa to 1.0.0.1
21:21:00 dnsmasq[1140]: forwarded b.4.4.0.1.a.5.c.5.c.8.a.e.e.1.3.9.4.d.3.b.1.f.7.6.d.0.0.3.0.0.2.ip6.arpa to 1.1.1.1
21:21:00 dnsmasq[1140]: reply 2003:d6:7f1b:3d49:31ee:a8c5:c5a1:44b is p200300D67F1B3D4931EEA8C5C5A1044B.dip0.t-ipconnect.de
21:21:00 dnsmasq[1140]: query[PTR] 1.0.0.1.in-addr.arpa from 127.0.0.1
21:21:00 dnsmasq[1140]: forwarded 1.0.0.1.in-addr.arpa to 192.168.2.1
21:21:00 dnsmasq[1140]: reply 1.0.0.1 is one.one.one.one
21:21:00 dnsmasq[1140]: query[PTR] 1.1.1.1.in-addr.arpa from 127.0.0.1
21:21:00 dnsmasq[1140]: forwarded 1.1.1.1.in-addr.arpa to 192.168.2.1
21:21:00 dnsmasq[1140]: reply 1.1.1.1 is one.one.one.one
21:21:00 dnsmasq[1140]: query[PTR] 1.2.168.192.in-addr.arpa from 127.0.0.1
21:21:00 dnsmasq[1140]: config 192.168.2.1 is NXDOMAIN

What does it mean? Am I doing something wrong in setting in pihole?

Please confirm that this command was run from a connected client, and not from the Pi terminal. If from a client, what OS does the client run?

The output you provided indicates that the request for that domain did not go to Pi-Hole. The following domains should have been requested:

* signaler-pa.clients6.google.com
* www.cnx-software.com
* pagead2.googlesyndication.com
* z-na.amazon-adsystem.com
* fonts.gstatic.com
* quantcast.mgr.consensu.org

and the tail of the pihole log should have looked something like this:

Jul 18 15:22:22 dnsmasq[9251]: query[A] www.cnx-software.com from 192.168.0.135
Jul 18 15:22:22 dnsmasq[9251]: forwarded www.cnx-software.com to 127.0.0.1
Jul 18 15:22:22 dnsmasq[9251]: reply www.cnx-software.com is 104.28.19.95
Jul 18 15:22:22 dnsmasq[9251]: reply www.cnx-software.com is 104.28.18.95
Jul 18 15:22:22 dnsmasq[9251]: query[A] cdn.rawgit.com from 192.168.0.135
Jul 18 15:22:22 dnsmasq[9251]: forwarded cdn.rawgit.com to 127.0.0.1
Jul 18 15:22:22 dnsmasq[9251]: query[A] dsh7ky7308k4b.cloudfront.net from 192.168.0.135
Jul 18 15:22:22 dnsmasq[9251]: gravity dsh7ky7308k4b.cloudfront.net is 0.0.0.0
Jul 18 15:22:22 dnsmasq[9251]: query[A] www.googletagservices.com from 192.168.0.135
Jul 18 15:22:22 dnsmasq[9251]: gravity www.googletagservices.com is 0.0.0.0
Jul 18 15:22:22 dnsmasq[9251]: query[A] pagead2.googlesyndication.com from 192.168.0.135
Jul 18 15:22:22 dnsmasq[9251]: gravity pagead2.googlesyndication.com is 0.0.0.0
Jul 18 15:22:23 dnsmasq[9251]: query[A] s.skimresources.com from 192.168.0.135
Jul 18 15:22:23 dnsmasq[9251]: gravity s.skimresources.com is 0.0.0.0
Jul 18 15:22:23 dnsmasq[9251]: query[A] s.w.org from 192.168.0.135
Jul 18 15:22:23 dnsmasq[9251]: forwarded s.w.org to 127.0.0.1
Jul 18 15:22:23 dnsmasq[9251]: reply cdn.rawgit.com is <CNAME>
Jul 18 15:22:23 dnsmasq[9251]: reply rawgit.rawgh.netdna-cdn.com is 151.139.237.11
Jul 18 15:22:23 dnsmasq[9251]: reply s.w.org is 192.0.77.48
Jul 18 15:22:23 dnsmasq[9251]: query[A] www.google-analytics.com from 192.168.0.135
Jul 18 15:22:23 dnsmasq[9251]: gravity www.google-analytics.com is 0.0.0.0
Jul 18 15:22:23 dnsmasq[9251]: query[A] s7.addthis.com from 192.168.0.135
Jul 18 15:22:23 dnsmasq[9251]: gravity s7.addthis.com is 0.0.0.0
Jul 18 15:22:23 dnsmasq[9251]: query[A] steadfastsystem.com from 192.168.0.135
Jul 18 15:22:23 dnsmasq[9251]: gravity steadfastsystem.com is 0.0.0.0
Jul 18 15:22:23 dnsmasq[9251]: query[A] z-na.amazon-adsystem.com from 192.168.0.135
Jul 18 15:22:23 dnsmasq[9251]: gravity z-na.amazon-adsystem.com is 0.0.0.0
Jul 18 15:22:23 dnsmasq[9251]: query[A] quantcast.mgr.consensu.org from 192.168.0.135
Jul 18 15:22:23 dnsmasq[9251]: gravity quantcast.mgr.consensu.org is 0.0.0.0

Your pihole log shows none of the requests for the domains on that website - the only requests shown in your log are from the Pi itself (127.0.0.1). The DNS traffic from that client did not go through Pi-Hole.

Then how do I make it go through pihole? Pls guide me in setting up with correct DNS server pls