xblock.com and www.xblock.com belong to a reputable anti-spyware company affiliated with spywareguide.com and are not blocked by any other major Hosts file.
us.i1.yimg.com rarely serves ads, but also serves buttons and other useful images at Yahoo, and is not blocked by other Hosts files.
Full Version: Sites that should be unblocked
I just discovered that the Hosts file is also blocking passportimages.com and www.passportimages.com , which serve buttons needed for navigation at MSN Passport sites. I have never observed any advertising being served from these URLs.
Hi Samurai V,
xblock.com and www.xblock.com
The entries will be removed in the next update.
us.i1.yimg.com
If you want to have access to the Yahoo images, I suggest you disable the entry. I will not remove it. A lot of people don't like to be tracked or being part of statistics. Those entries are also blocked on our blocklists.
passportimages.com and www.passportimages.com
You can disable the entry if you like as I will not remove it. I like to visit MS site, but without wasting time with external links and the 1 pixel by 1 pixel Web bug GIF files trying to track every move you make. Unfortunately they use the same site for their buttons. It's also a very good compromise if you are using the Microsoft blocklist in PW, you have to make less exclusions.
I'm sure you will find a lot of other entries that aren't in other HOSTS files, it isn't a valid reason or argument for removal neither.
Kim
xblock.com and www.xblock.com
The entries will be removed in the next update.
us.i1.yimg.com
If you want to have access to the Yahoo images, I suggest you disable the entry. I will not remove it. A lot of people don't like to be tracked or being part of statistics. Those entries are also blocked on our blocklists.
passportimages.com and www.passportimages.com
You can disable the entry if you like as I will not remove it. I like to visit MS site, but without wasting time with external links and the 1 pixel by 1 pixel Web bug GIF files trying to track every move you make. Unfortunately they use the same site for their buttons. It's also a very good compromise if you are using the Microsoft blocklist in PW, you have to make less exclusions.
I'm sure you will find a lot of other entries that aren't in other HOSTS files, it isn't a valid reason or argument for removal neither.
Kim
Thanks for the info, Kimberly; I didn't know that passportimages serves web bugs! I think I'll leave it blocked 
download.bearshare.com is just a repository for BearShare installers.
Blocking it makes it impossible for users to download or update BearShare.
Blocking it makes it impossible for users to download or update BearShare.
www.nytimes.com
With all the other nytimes sites blocked no ads remain, and this one is safe to read the news on.
With all the other nytimes sites blocked no ads remain, and this one is safe to read the news on.
Speaking of which, graphics8.nytimes.com And graphics.nytimes.com are not currently blocked, but they should be. 
Hi Aaron.Walkhouse,
download.bearshare.com
I'm sorry but I will not remove that one, the Free version is 'sponsored', usually with ClickTillUWin stuff.
www.nytimes.com & nytimes.com: Removed
graphics8.nytimes.com & graphics.nytimes.com : Added
From the New-York Times page:
nytimes.dtmpub.com
media.travelzoo.com
Kim
download.bearshare.com
I'm sorry but I will not remove that one, the Free version is 'sponsored', usually with ClickTillUWin stuff.
www.nytimes.com & nytimes.com: Removed
graphics8.nytimes.com & graphics.nytimes.com : Added
From the New-York Times page:
nytimes.dtmpub.com
media.travelzoo.com
Kim
I noticed cnn.com and www.cnn.com are both blocked in the HOSTS file. Is this intentional? Either way, figured I'd bring it to your attn 
I've made proper exclusions on my end
But yea, I do know some of there ads are kind of shady and may be tracker-like.
I've made proper exclusions on my end But yea, I do know some of there ads are kind of shady and may be tracker-like.
Hi r00ted,
It's indeed intentional until all ads all figured out properly.
Kim
It's indeed intentional until all ads all figured out properly.
Kim
Hi Kimberly and all
I've found this address included in HOSTS ww2.grn.es, it's a catalonian webhost and I'm not sure why it's included.
inetnum: 80.64.32.0 - 80.64.37.255
netname: GRN
descr: GRN Serveis Telematics SL
descr: Girona - Spain
descr: This assignment is used for NOC servers,
descr: hosting/housing, ADSL, dial-up.
country: ES
org: ORG-GSTS1-RIPE
admin-c: GN613-RIPE
tech-c: GN613-RIPE
status: ASSIGNED PA
mnt-by: GRN1-RIPE-MNT
mnt-lower: GRN1-RIPE-MNT
source: RIPE
organisation: ORG-GSTS1-RIPE
org-name: GRN Serveis Telematics SL
org-type: LIR
address: GRN Serveis Telematics, S.L.
Oviedo, 46
17005 Girona
Spain
phone: +34 972 230000
fax-no: +34 972 401185
e-mail: xxxxxx
admin-c: GN613-RIPE
mnt-ref: GRN1-RIPE-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE
role: GRN NOC
address: GRN Serveis Telematics, S.L.
address: Oviedo, 46
address: 17005 Girona
address: Spain
phone: +34 972 230000
fax-no: +34 974 401185
e-mail: xxxxxx
org: ORG-GSTS1-RIPE
admin-c: AViV2-RIPE
admin-c: MOC11-RIPE
tech-c: JBC18-RIPE
tech-c: JFiM1-RIPE
tech-c: MFiB1-RIPE
nic-hdl: GN613-RIPE
mnt-by: GRN1-RIPE-MNT
source: RIPE
I've found this address included in HOSTS ww2.grn.es, it's a catalonian webhost and I'm not sure why it's included.
inetnum: 80.64.32.0 - 80.64.37.255
netname: GRN
descr: GRN Serveis Telematics SL
descr: Girona - Spain
descr: This assignment is used for NOC servers,
descr: hosting/housing, ADSL, dial-up.
country: ES
org: ORG-GSTS1-RIPE
admin-c: GN613-RIPE
tech-c: GN613-RIPE
status: ASSIGNED PA
mnt-by: GRN1-RIPE-MNT
mnt-lower: GRN1-RIPE-MNT
source: RIPE
organisation: ORG-GSTS1-RIPE
org-name: GRN Serveis Telematics SL
org-type: LIR
address: GRN Serveis Telematics, S.L.
Oviedo, 46
17005 Girona
Spain
phone: +34 972 230000
fax-no: +34 972 401185
e-mail: xxxxxx
admin-c: GN613-RIPE
mnt-ref: GRN1-RIPE-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE
role: GRN NOC
address: GRN Serveis Telematics, S.L.
address: Oviedo, 46
address: 17005 Girona
address: Spain
phone: +34 972 230000
fax-no: +34 974 401185
e-mail: xxxxxx
org: ORG-GSTS1-RIPE
admin-c: AViV2-RIPE
admin-c: MOC11-RIPE
tech-c: JBC18-RIPE
tech-c: JFiM1-RIPE
tech-c: MFiB1-RIPE
nic-hdl: GN613-RIPE
mnt-by: GRN1-RIPE-MNT
source: RIPE
Hi crass,
That entry isn't present anymore in the HOSTS file since at least 26 March.
Kim
That entry isn't present anymore in the HOSTS file since at least 26 March.
Kim
Hey, I noticed care2.com was blocked, everything blocked seems to have a valid reason (including with PW/BLM), so not doubting, just wondering if it is an error, they provide web email, and other stuff, orientated around helping the environment, etc.
Hi amcity,
It's not an error, it's blocked because it's related to TopMoxie
http://www3.ca.com/securityadvisor/pest/pe...px?id=453059998
Kim
It's not an error, it's blocked because it's related to TopMoxie
http://www3.ca.com/securityadvisor/pest/pe...px?id=453059998
Kim
I noticed
127.0.0.1 aim.aol.com
is in the HOSTS file, and it stops a user from registering with AOL/AIM.
127.0.0.1 aim.aol.com
is in the HOSTS file, and it stops a user from registering with AOL/AIM.
CNN - Time Warner - AOL ads - virus spreading domain - AIM Greetings button - Audio Spam - .....
Exclude it if you need it, I won't remove it
Kim
Exclude it if you need it, I won't remove it
Kim
ick. ok hehe. Ill keep it blocked and just temp disable the HOSTS heh.
It aint like I make new SNs on a daily basis
It aint like I make new SNs on a daily basis
my brother was having surfing problems with
www.drbizzaro.com
looks like it's blocked in the HOSTS file. Yea it is a porn site. seems legit to me. No spyware there. Though, I did see a link to Adware.CWSAlfasearch
www.drbizzaro.com
looks like it's blocked in the HOSTS file. Yea it is a porn site. seems legit to me. No spyware there. Though, I did see a link to Adware.CWSAlfasearch
The link related to Adware.CWSAlfasearch : the CWS modifies a hosts file entry to make sure that drbizzaro.com points to a different IP.
Nevertheless, I won't post the keywords I was able to find when doing a search on that website, Free college girls is one of them.... so sorry r00ted, I won't remove that crap (legitime or not) from the HOSTS file entries.
Kim
Nevertheless, I won't post the keywords I was able to find when doing a search on that website, Free college girls is one of them.... so sorry r00ted, I won't remove that crap (legitime or not) from the HOSTS file entries.
Kim
I am wondering why ia.imdb.com is blocked? It appears to serve only legitimate photographs from imdb.
Hi Samurai V,
I'll remove it for now as I don't see to much ad refers to it anymore. People that want to keep it blocked can always add it to their personal Inclusions list.
Kim
I'll remove it for now as I don't see to much ad refers to it anymore. People that want to keep it blocked can always add it to their personal Inclusions list.
Kim
I'm wondering why cyber.law.harvard.edu is blocked; it looked legitimate when I visited a link to it from vitalsecurity.org through a proxy server.
Removed. 
Kim
Kim
I discovered that I had to comment out software-dl.real.com in order to download an updated version of Real Player. Is this site harmful in any way?
Hi Samurai V,
I never used Real-Player, long time ago I did read a few articles about the Player and I really didn't like their practices. Didn't follow eventual evolution anymore.
It's listed in a lot of HOSTS files, even MVPS and the comment is RdxIE Class (because it's an ActiveX control)
The CLSID is 56336BCB-3D8A-11D6-A00B-0050DA18DE71
SpywareBlaster blocks this CLSID and the entry is listed as below:
Netster: Spyware, adware, browser hijacker, dialer or other potentially unwanted ActiveX component.
In a HijackThis log, it shows up like this:
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/07ac712a946962...ip/RdxIE601.cab
07ac712a946962626b21 - seems to be random on every system - a way to track people maybe ....
I don't know if you download your updated version through an ActiveX control or not, maybe you download the update from the website itself.... But it's because of the ActiveX Control that it is listed / blocked almost everywhere.
Hope this helps.
Kim
I never used Real-Player, long time ago I did read a few articles about the Player and I really didn't like their practices. Didn't follow eventual evolution anymore.
It's listed in a lot of HOSTS files, even MVPS and the comment is RdxIE Class (because it's an ActiveX control)
The CLSID is 56336BCB-3D8A-11D6-A00B-0050DA18DE71
SpywareBlaster blocks this CLSID and the entry is listed as below:
Netster: Spyware, adware, browser hijacker, dialer or other potentially unwanted ActiveX component.
In a HijackThis log, it shows up like this:
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/07ac712a946962...ip/RdxIE601.cab
07ac712a946962626b21 - seems to be random on every system - a way to track people maybe ....
I don't know if you download your updated version through an ActiveX control or not, maybe you download the update from the website itself.... But it's because of the ActiveX Control that it is listed / blocked almost everywhere.
Hope this helps.
Kim
Thanks for the info!
I can't use Real Alternative because my ISP bundles Real Player into the software and automatically reinstalls it if it is removed, so I have no choice but to patch and update it
I downloaded the latest player update from the real.com website using Firefox, so no Active-X, but I was alarmed to discover that after I installed it, Real Player set four tracking cookies in Firefox and one in IE, overriding my browser preferences and managing to dsiable the Firefox pref to delete cookies when the browser is closed. It also corrupted my Firefox profile, forcing me to create a new one from a backup.
Real Player also says in its EULA that it will change your firewall settings to allow it to communicate without prompts, though it didn't alter mine because I keep the firewall password-protected.
Real Player is virtually spyware, and most casual users won't know how to increase its well-hidden privacy options. I hate the darn thing and will only comment out the entry in question when I am actually downloading from their site. I also learned that I'll need to back up my Firefox profile and reinstall it after I get done with real.com.
Thanks again for your help
I can't use Real Alternative because my ISP bundles Real Player into the software and automatically reinstalls it if it is removed, so I have no choice but to patch and update it
I downloaded the latest player update from the real.com website using Firefox, so no Active-X, but I was alarmed to discover that after I installed it, Real Player set four tracking cookies in Firefox and one in IE, overriding my browser preferences and managing to dsiable the Firefox pref to delete cookies when the browser is closed. It also corrupted my Firefox profile, forcing me to create a new one from a backup.
Real Player also says in its EULA that it will change your firewall settings to allow it to communicate without prompts, though it didn't alter mine because I keep the firewall password-protected.
Real Player is virtually spyware, and most casual users won't know how to increase its well-hidden privacy options. I hate the darn thing and will only comment out the entry in question when I am actually downloading from their site. I also learned that I'll need to back up my Firefox profile and reinstall it after I get done with real.com.
Thanks again for your help
If you want I can post a list of additional realplayer - realnetworks entries to block that spyware crap. You could paste it into your personal inclusions list if you use the HOSTS manager. If you need to update, you could leave out the personal inclusions and put them back in when you're done.
Just let me know.
Kim
Just let me know.
Kim
Thanks, Kimberly -- I'd love to see that list
Hello and tanks for this great program..
I have one site that dont be block because they are a ISP from Portugal and the site block is the homepage.. 
sapo.pt
www.sapo.pt
Tanks and resolve that problem for the portuguese comunity..
In replace you can ad that page of ads:
adserv.sapo.pt
Tanks in advance..
I have one site that dont be block because they are a ISP from Portugal
and the site block is the homepage.. sapo.pt
www.sapo.pt
Tanks and resolve that problem for the portuguese comunity..
In replace you can ad that page of ads:
adserv.sapo.pt
Tanks in advance..
Issue fixed Freeware-User.
Kim
Kim
Tanks Kim.. This provoked much upheaval to the Portuguese..
Keep the good work..
Keep the good work..
This domain appears only to serve CNN news photos and might be a candidate to unblock: i.a.cnn.net
I noticed one banner ad served from i.cnn.net, but i.cnn.net also serves all of the navigation buttons for CNN, so I did not report it as a "bad site."
I noticed one banner ad served from i.cnn.net, but i.cnn.net also serves all of the navigation buttons for CNN, so I did not report it as a "bad site."
Thanks Samurai V,
Pruttel did point out exactly the same thing, so I did remove the entry yesterday, should have been in the latest update already.
Kim
Pruttel did point out exactly the same thing, so I did remove the entry yesterday, should have been in the latest update already.
Kim
maddox.xmission.com Just wondering why this site is blocked? thx!
It has been reported by someone as a shocking site. If you wish to visit that site, you will have to take it out of the HOSTS file by yourself because I will not remove it.
Kim
Kim
Is there a lot of sites in that host file that have been blocked simply because someone found them "shocking"? The site in question is a humor site, little crude for some maybe, but surely not harmful for your pc or your internet connection... ( try it, maybe you'll change your mind ) and there's absolutely no ads, banners or popups
Just asking because I thought that you use that host file mainly to block ads and banners and sites that have been known to actually do something harmful, like spread viruses and such. Blocking a site because it's "shocking" sounds more like censorship to me than actual protection, and censorship makes my skin crawl...
What criteria do you use to decide if a site should or should not be blacklisted?
Thx again!
) and there's absolutely no ads, banners or popupsJust asking because I thought that you use that host file mainly to block ads and banners and sites that have been known to actually do something harmful, like spread viruses and such. Blocking a site because it's "shocking" sounds more like censorship to me than actual protection, and censorship makes my skin crawl...
What criteria do you use to decide if a site should or should not be blacklisted?
Thx again!
A Hosts file is used to block spyware, ads, banners, spammers, .... It can also be used to block adult content. I did visit the site in question when I did add it and again today, and I still think it's not suitable for everyone. It isn't a question of censorship, subject which I certainly will not discuss here. You are free to remove / to add a site from a Hosts file, just like you set up firewall rules like you wish. Some people add sites to their restricted zones in Internet Explorer, while others don't, some peeps use monitoring software because they have kids and everyone will set up different restrictions ... In the mean while standard rule sets and standard hosts files try to keep a middle... and you have the liberty to modify them according to your point of view and opinions.
Kim
Kim
yep, just grab Kimberly's BISS HOSTS Manager, it makes managing the HOSTS file simple.
Add the site to always exclude, and it will never be blocked again.
Add the site to always exclude, and it will never be blocked again.
Well, I guess I'll do just that. Don't get me wrong, I really think that your doing a great job here. I've been using protowall for sometimes now and I only have good things to say about it, so i've decided to give that host file a try. I was quite surprised to find out that this site (maddox.xmission.com) was blocked, since it's not harmful in any way (other than using curse words). I was surprised because before trying it I red the HOSTS page, in your site navigation menu, and under "Why should I install this host file?" you say, and I quote :
"The HOSTS file will prevent your browser from accessing sites which serve advertising or collect marketing data (Spyware) on you. By installing this file, you will greatly improve your internet experience (unless you actually like the ads) and you can feel more comfortable knowing that you have reduced the amount of information that is being gathered about you."
And now I found that your HOSTS file prevents my browser from accessing a little more than that....It's just that i didn't expect some sort of content filtering (You don't mention any content filtering features in your adverstisings). I realize that some people might find that really useful, but I just think that it's odd too have a site like that blocked by default in a HOSTS file mainly used for Adds/spam,etc... Maybe you need to add more detailed informations, or maybe I should have red the forums more carefully, I don't know, but if you're to do content filtering, you should mention it clearly. I tried the hostfile manager, hoping that maybe it would be a bit like the protowall blocklist manager, that you would be able to choose sources to download or not, but it seems that you only have one default "model". I think it might be a good idea to add different sets of rules maybe? Just a friendly suggestion or something to let people choose their "sources" like the Blocklist Manager. Of course, I can always do it manually, but that host file is BIG and I was wondering if there are many more site like that. Something to let people know why an address is block, a description or a category (like "adds", "spam", "porn", "shocking", "boring" ) would be a great way to add a little more functionality. But i realize also that it would probably be a lot of work, and I haven't yet figured how you guys keep track of all those ip's that must be so much work! I'm just really thankful for what you've already done, these are just suggestions to make the best a little better, if that's possible. 
so again thx for everything!
"The HOSTS file will prevent your browser from accessing sites which serve advertising or collect marketing data (Spyware) on you. By installing this file, you will greatly improve your internet experience (unless you actually like the ads) and you can feel more comfortable knowing that you have reduced the amount of information that is being gathered about you."
And now I found that your HOSTS file prevents my browser from accessing a little more than that....It's just that i didn't expect some sort of content filtering (You don't mention any content filtering features in your adverstisings). I realize that some people might find that really useful, but I just think that it's odd too have a site like that blocked by default in a HOSTS file mainly used for Adds/spam,etc... Maybe you need to add more detailed informations, or maybe I should have red the forums more carefully, I don't know, but if you're to do content filtering, you should mention it clearly. I tried the hostfile manager, hoping that maybe it would be a bit like the protowall blocklist manager, that you would be able to choose sources to download or not, but it seems that you only have one default "model". I think it might be a good idea to add different sets of rules maybe? Just a friendly suggestion
or something to let people choose their "sources" like the Blocklist Manager. Of course, I can always do it manually, but that host file is BIG and I was wondering if there are many more site like that. Something to let people know why an address is block, a description or a category (like "adds", "spam", "porn", "shocking", "boring" ) would be a great way to add a little more functionality. But i realize also that it would probably be a lot of work, and I haven't yet figured how you guys keep track of all those ip's that must be so much work! I'm just really thankful for what you've already done, these are just suggestions to make the best a little better, if that's possible. so again thx for everything!
127.0.0.1 lyricsdepot.com appears to be blocked
The only stuff appearing in the source is a lot of javascript and links to
a.tribalfusion.com
images.amazon.com
ads.realtechnetwork.net
pagead2.googlesyndication.com
w0.extreme-dm.com
The only stuff appearing in the source is a lot of javascript and links to
a.tribalfusion.com
images.amazon.com
ads.realtechnetwork.net
pagead2.googlesyndication.com
w0.extreme-dm.com
lyricsdepot.com was added because it was the source for a browser hijack. I will not remove it atm.
Kim
Kim
Flyordie.com whats wrong with it?
Blocking media.washingtonpost.com breaks their pages. I only saw one small banner ad after commenting out the entry, so it might be a good candidate for removal.
Flyordie.com : Mindset Interactive / Vista Interactive (Transponder sites)
Will not be removed.
media.washingtonpost.com : removed
Will not be removed.
media.washingtonpost.com : removed
Hi, Kimberly,
Blocking www.imgag.com breaks msn.americangreetings.com. I didn't see any ads or other nasties when I commented it out. (adsag.com serves the ads for that page.)
Blocking www.imgag.com breaks msn.americangreetings.com. I didn't see any ads or other nasties when I commented it out. (adsag.com serves the ads for that page.)
Blocking i.i.com.com breaks the display of CNet pages.
Fixed Samurai V
I'm not sure what section to ask this question in 
Would it possible to find out why mntolympus.org was recently added to BT's Hosts file ?
Would it possible to find out why mntolympus.org was recently added to BT's Hosts file ?
QUOTE (Kimberly @ Oct 10 2005, 04:01 PM)
Thanks Kim,
Unless I am missing something there was a point in time a number of months back where Eric L. Howes did have Spyware Shield\MntOlympus listed as a Rogue program but if you will re-check the link you posted Eric has de-listed Spyware Shield as a Rogue program in early September this year..
QUOTE (Eric Howe)
Spyware Shield
(read note)
Note on Spyware Shield: Spyware Shield was listed on this page out of concern that the author used the research of others without giving proper credit and without following license for products used. Given that the author of the program has taken steps to redress these problems, we can no longer consider Spyware Shield to be "rogue/suspect" anti-spyware.
[A: 8-21-05 / U: 9-6-05]
(read note)
Note on Spyware Shield: Spyware Shield was listed on this page out of concern that the author used the research of others without giving proper credit and without following license for products used. Given that the author of the program has taken steps to redress these problems, we can no longer consider Spyware Shield to be "rogue/suspect" anti-spyware.
[A: 8-21-05 / U: 9-6-05]
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.