[privoxy.git] / ijb.action

#############################################################################
# Sample actions file for the Internet Junkbuster 2.9.x
#
# For information, see http://ijbswa.sourceforge.net/
#
# $Id: ijb.action,v 1.7 2002/03/08 18:01:48 morcego Exp $
#
#############################################################################
# Syntax
#############################################################################
# 
# To determine which actions apply to a request, the URL of the request is
# compared to all patterns in this file. Every time it matches, the list of
# applicable actions for this URL is incrementally updated. You can trace
# this process by visiting http://i.j.b/show-url-info
#
# There are 4 types of lines in this file: comments (like this line),
# actions, aliases and patterns, all of which are explained below.
#
#############################################################################
# Pattern Syntax
#############################################################################
# 
# 1. On Domains and Paths
# -----------------------
#
# Generally, a pattern has the form <domain>/<path>, where both the <domain>
# and <path> part are optional. If you only specify a domain part, the "/"
# can be left out:
# 
# www.example.com 
#   is a domain-only pattern and will match any request to www.yahoo.com
# 
# www.example.com/
#   means exactly the same (but is slightly less efficient)
# 
# www.example.com/index.html
#   matches only the document /index.html on www.example.com
# 
# /index.html
#   matches the document /index.html, regardless of the domain
# 
# index.html
#   matches nothing, since it would be interpreted as a domain name and
#   there is no top-level domain called ".html".
# 
# 2. Domain Syntax
# ----------------
# 
# The matching of the domain part offers some flexible options: If the
# domain starts or ends with a dot, it becomes unanchored at that end:
# 
# www.example.com
#   matches only www.example.com
# 
# .example.com
#   matches any domain that ENDS in .example.com
# 
# www.
#   matches any domain that STARTS with www.
# 
# Additionally, there are wildcards that you can use in the domain names
# themselves. They work pretty similar to shell wildcards: "*" stands for
# zero or more arbitrary characters, "?" stands for one, and you can define
# charachter classes in square brackets and they can be freely mixed:
# 
# ad*.example.com
#   matches adserver.example.com, ads.example.com, etc but not sfads.example.com
# 
# *ad*.example.com
#   matches all of the above
# 
# .?pix.com
#   matches www.ipix.com, pictures.epix.com, a.b.c.d.e.upix.com etc
# 
# www[1-9a-ez].example.com
#   matches www1.example.com, www4.example.com, wwwd.example.com, 
#   wwwz.example.com etc, but not wwww.example.com
# 
# You get the idea?
# 
# 2. Path Syntax
# --------------
# 
# Paths are specified as regular expressions. A comprehensive discussion of
# regular expressions wouldn't fit here, but (FIXME) someone should paste
# a concise intro to the regex language here.
# 
# If Junkbuster was compiled with pcre support (default), Perl compatible
# regular expressions are used. See the pcre/docs/ direcory or man perlre
# (also available on http://www.perldoc.com/perl5.6/pod/perlre.html) for
# details.
# 
# Please note that matching in the path is CASE INSENSITIVE by default, but
# you can switch to case sensitive by starting the pattern with the "(?-i)"
# switch:
# 
# www.example.com/(?-i)PaTtErN.*
#   will match only documents whose path starts with PaTtErN in exactly this
#   capitalization.
#
# Partially case-sensetive and partially case-insensitive patterns are
# possible, but the rules about splitting them up are extremely complex
# - see the PCRE documentation for more information.
# 
#############################################################################
# Action Syntax
#############################################################################
#
# There are 3 kinds of action:
#
# Boolean (e.g. "block"):
#   +name  # enable
#   -name  # disable
#
# Parameterized (e.g. "hide-user-agent"):
#   +name{param}  # enable and set parameter to "param"
#   -name         # disable
#
# Multi-value (e.g. "add-header", "wafer"):
#   +name{param}  # enable and add parameter "param"
#   -name{param}  # remove the parameter "param"
#   -name         # disable totally
#
# The default (if you don't specify anything in this file) is not to take
# any actions - i.e completely disabled, so JunkBuster will just be a
# normal, non-blocking, non-anonymizing proxy.  You must specifically
# enable the privacy and blocking features you need (although the 
# provided default actions file will do that for you).
#
# Later actions always override earlier ones.  For multi-valued actions,
# the actions are applied in the order they are specified.
#
#############################################################################
# Valid actions are:
#############################################################################
#
# +add-header{Name: value}
#    Adds the specified HTTP header, which is not checked for validity.
#    You may specify this many times to specify many headers.
#
# +block
#    Block this URL
#
# +deanimate-gifs{last}
# +deanimate-gifs{first}
#    Deanimate all animated GIF images, i.e. reduce them to their last
#    frame. This will also shrink the images considerably. (In bytes,
#    not pixels!) 
#    If the option "first" is given, the first frame of the animation
#    is used as the replacement. If "last" is given, the last frame of
#    the animation is used instead, which propably makes more sense for
#    most banner animations, but also has the risk of not showing the
#    entire last frame (if it is only a delta to an earlier frame).
#
# +downgrade
#    Downgrade HTTP/1.1 client requests to HTTP/1.0 and downgrade the
#    responses as well. Use this action for servers that use HTTP/1.1
#    protocol features that Junkbuster currently can't handle yet.
#
# +fast-redirects
#    Many sites, like yahoo.com, don't just link to other sites.
#    Instead, they will link to some script on their own server,
#    giving the destination as a parameter, which will then redirect
#    you to the final target. 
#
#    URLs resulting from this scheme typically look like:
#    http://some.place/some_script?http://some.where-else
#
#    Sometimes, there are even multiple consecutive redirects encoded
#    in the URL. These redirections via scripts make your web browing
#    more traceable, since the server from which you follow such a link
#    can see where you go to. Apart from that, valuable bandwidth and
#    time is wasted, while your browser aks the server for one redirect
#    after the other. Plus, it feeds the advertisers.
#
#    The +fast-redirects option enables interception of these requests
#    by junkbuster, who will cut off all but the last valid URL in the
#    request and send a local redirect back to your browser without
#    contacting the remote site.
#
# +filter{name}
#    Filter the website through one or more regular expression filters.
#    Repeat for multiple filters.
#   
#    Filters predefined in the supplied re_filterfile include:
#
#     html-annoyances:  Get rid of particularly annoying HTML abuse
#     js-annoyances:    Get rid of particularly annoying JavaScript abuse
#     no-poups:         Kill all popups in JS and HTML
#     frameset-borders: Give frames a border
#     webbugs:          Squish WebBugs (1x1 invisible GIFs used for user tracking)
#     no-refresh:       Automatic refresh sucks on auto-dialup lines
#     fun:              Text replacements  for subversive browsing fun!
#     nimda:            Remove (virus) Nimda code.
#     banners-by-size:  Kill banners by size
#     crude-parental:   Kill all web pages that contain the words "sex" or "warez"
#
#
# +hide-forwarded
#    Block any existing X-Forwarded-for header, and do not add a new one.
#
# +hide-from{block}
# +hide-from{spam@sittingduck.xqq}
#    If the browser sends a "From:" header containing your e-mail address, 
#    either completely removes the header ("block"), or change it to the
#    specified e-mail address.
#
# +hide-referer{block}
# +hide-referer{forge}
# +hide-referer{http://nowhere.com}
#    Don't send the "Referer:" (sic) header to the web site.  You can
#    block it, forge a URL to the same server as the request (which is
#    preferred because some sites will not send images otherwise) or
#    set it to a constant string.
#
# +hide-referrer{...}
#    Alternative spelling of +hide-referer.  Has the same parameters,
#    and can be freely mixed with, "+hide-referer".  ("referrer" is the 
#    correct English spelling, however the HTTP specification has a 
#    bug - it requires it to be spelt "referer").
#
# +hide-user-agent{browser-type}
#    Change the "User-Agent:" header so web servers can't tell your
#    browser type.  (Breaks many web sites).  Specify the user-agent
#    value you want - e.g., to pretend to be using Netscape on Linux:
#      +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}
#    Or to identify yourself explicitly as a JunkBuster user:
#      +hide-user-agent{JunkBuster/1.0}
#    (Don't change the version number from 1.0 - after all, why tell them?)
#
# +image
#    Treat this URL as an image.  This only matters if it's also "+block"ed,
#    in which case a "blocked" image can be sent rather than a HTML page.
#    See +image-blocker{} for the control over what is actually sent.
#
# +image-blocker{logo}
# +image-blocker{blank}
# +image-blocker{pattern}
# +image-blocker{<URL>} with <url> being any valid image URL
#    Decides what to do with URLs that end up tagged with {+block +image}.
#    There are 5 options.  "-image-blocker" will send a HTML "blocked" page,
#    usually resulting in a "broken image" icon.  "+image-blocker{logo}"
#    will send a "JunkBuster" image.  "+image-blocker{blank}" will send
#    a 1x1 transparent image, "+image-blocker{pattern}" will send a 4x4
#    grey/white pattern which is less intrusive than the logo but easier
#    to recognize than the transparent one. And finally, "+image-blocker{<URL>}"
#    will send a HTTP temporary redirect to the specified image URL.
#
#
# +limit-connect{portlist}
#   The CONNECT methods exists in HTTP to allow access to secure websites
#   (https:// URLs) through proxies. It works very simply: The proxy
#   connects to the server on the specified port, and then short-circuits
#   its connections to the cliant and to the remote proxy.
#   This can be a big security hole, since CONNECT-enabled proxies can
#   be abused as TCP relays very easily.
#   By default, i.e. in the absence of a +limit-connect action, Junkbuster
#   will only allow CONNECT requests to port 443, which is the standard port
#   for https.
#   If you want to allow CONNECT for more ports than that, or want to forbid
#   CONNECT altogether, you can specify a comma separated list of ports and port
#   ranges (the latter using dashes, with the minimum defaulting to 0 and max to 65K):
#
#   +limit-connect{443} # This is the default and need no be specified.
#   +limit-connect{80,443} # Ports 80 and 443 are OK.
#   +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100, and above 500 are OK.
#
# +no-compression
#    Prevent the website from compressing the data. Some websites do
#    that, which is a problem for junkbuster, since +filter, +no-popup
#    and +gif-deanimate will not work on compressed data. Will slow down
#    connections to those websites, though.
#
# +no-cookies-keep
#    If the website sets cookies, make sure they are erased when you exit
#    and restart your web browser.  This makes profiling cookies useless,
#    but won't break sites which require cookies so that you can log in
#    or for transactions.
#
# +no-cookies-read
#    Prevent the website from reading cookies
#
# +no-cookies-set
#    Prevent the website from setting cookies
#
# +no-popup
# +no-popups
#    Filter the website through a built-in filter to disable
#    window.open() etc.  The two alternative spellings are
#    equivalent.
#
# +vanilla-wafer
#    This action only applies if you are using a jarfile.  It sends a
#    cookie to every site stating that you do not accept any copyright
#    on cookies sent to you, and asking them not to track you.  Of
#    course, this is a (relatively) unique header they could use to 
#    track you.
#
# +wafer{name=value}
#    This allows you to add an arbitrary cookie.  Specify it multiple
#    times in order to add several cookies.
#
#############################################################################


#############################################################################
# Aliases
#############################################################################
{{alias}}
#############################################################################
#
# You can define a short form for a list of permissions - e.g., instead
# of "-no-cookies-set -no-cookies-read -filter -fast-redirects", you can
# just write "shop".  This is called an alias.
#
# Currently, an alias can contain any character except space, tab, '=', '{'
# or '}'.
# But please use only 'a'-'z', '0'-'9', '+', and '-'.
#
# Alias names are not case sensitive.
#
# Aliases beginning with '+' or '-' may be used for system permission names 
# in future releases - so try to avoid alias names like this.  (e.g. 
# "+no-cookies" below is not a good name)
#
# Aliases must be defined before they are used.
# 

# Useful aliases
+no-cookies = +no-cookies-set +no-cookies-read
-no-cookies = -no-cookies-set -no-cookies-read
+imageblock = +block +image

# Fragile sites should have the minimum changes
fragile     = -block -deanimate-gifs -fast-redirects -filter -hide-referer -no-cookies -no-popups

# Shops should be allowed to set persistent cookies
shop        = -filter -no-cookies -no-cookies-keep

# Your favourite blend of filters:
#
myfilters   = +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}\
              +filter{webbugs} +filter{nimda} +filter{banners-by-size}

#... etc.  Customize to your heart's content.

#############################################################################
# Defaults
#############################################################################
{\
-add-header \
-block \
-deanimate-gifs \
-downgrade \
+fast-redirects \
myfilters \
+no-compression \
+no-cookies-keep \
+hide-forwarded \
+hide-from{block} \
+hide-referer{forge} \
-hide-user-agent \
-image \
+image-blocker{http://i.j.b/send-banner} \
+no-cookies-keep \
-no-cookies-read \
-no-cookies-set \
+no-popups \
-vanilla-wafer \
-wafer \
}
/ # Match all URLs


#############################################################################
# A useful site for testing - shows all headers:
# http://privacy.net/analyze/
#############################################################################
{+add-header{X-Privacy: Yes please} \
+add-header{X-User-Tracking: No thanks!} -filter}
privacy.net


#############################################################################
# Test for new GIF deanimation feature.
# Just try http://www.oesterhelt.org/deanimate-demo with and without it.
#############################################################################
{+deanimate-gifs{last}}
www.oesterhelt.org/deanimate-demo


#############################################################################
# Sites that need cookies
#
# FIXME: Now cookies are allowed by default, do any of these sites
# need persistent cookies?
#############################################################################

#{-no-cookies}
#.javasoft.com
#.sun.com
#.yahoo.com
#.msdn.microsoft.com
#.sourceforge.net
#.sf.net
#www.nexgo.de
#.myrealbox.com
#mail.uni.de
#e-tools.freenet.de
#office.freenet.de

#############################################################################
# These sites are very complex and require
# minimal interference.
#############################################################################
{fragile}
.office.microsoft.com
.windowsupdate.microsoft.com
.deutsche-bank-24.de

#############################################################################
# Shopping sites - still want to block ads.
#############################################################################
{shop}
.quietpc.com
.worldpay.com   # for quietpc.com
.jungle.com
.scan.co.uk

#############################################################################
# These shops require pop-ups
#############################################################################
{shop -no-popups}
.dabs.com
.overclockers.co.uk

#############################################################################
# Sometimes fast-redirects catches things by mistake
#############################################################################
{-fast-redirects}
www.ukc.ac.uk/cgi-bin/wac\.cgi\?
login.yahoo.com
edit.europe.yahoo.com
.google.com
.altavista.com/.*(like|url|link):http
.altavista.com/trans.*urltext=http
.speedfind.de
.nytimes.com

#############################################################################
# Please don't re_filter code!
#############################################################################
{-filter}
.sourceforge.net


#############################################################################
# Imagelist:
#############################################################################
{+image}
#############################################################################
/.*\.gif
/.*\.jpe?g
/.*\.png

#############################################################################
{+imageblock}
#############################################################################
.adforce.imgis.com
.ad.preferences.com/image.*
.ads.web.aol.com
.focalink.com
.ad-adex3.flycast.com
.ad.doubleclick.net
.connect.247media.ads.link4ads.com
.ln.doubleclick.net
.mojofarm.mediaplex.com/ad/
www.carbuyer.com/cgi-carbuyer/getimage.cgi
/phpAds(New)?/viewbanner\.php
.ad.de.doubleclick.net
/.*/count\.cgi\?.*df=
*.fxweb.com/v2-trackrun\.cgi
195.63.104.61
195.63.104.222
213.165.64.3[4-9]
213.165.64.4[0-4]
194.221.183.22[1-7]
a196.g.akamai.net/7/196/2670/000[1-3]/images\.gmx\.net/.*images/.*/.*/
/cgi-bin/ivw/CP/
151.189.8.213/Adimg
151.189.8.193/Media
.smartclicks.com/.*/smart(img|banner|host|bar|site)
.linkexchange.com/.*/showl(ogo|e)
MoneyBanner.de
pixel.intares.net/cgi-bin/janus
ar.atwola.com # This serves all ads for CNN and AOL

#############################################################################
# Blocklist:
#############################################################################
{+block}
#############################################################################
/.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g))
/.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/])
/.*/(ng)?adclient\.cgi
/.*/(plain|live|rotate)[-_.]?ads?/

/.*/(sponsor)s?[0-9]?/
###/*.*/(sponsor|banner)s?[0-9]?/
###/*.*/.*banner([-_]?[a-z0-9]+)?\.(gif|jpg)

/?.*/_?(plain|live)?ads?(-banners)?/
/?.*/abanners/
/?.*/ad(sdna_image|gifs?)/
/?.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe)
/?.*/adbanners/
/?.*/ad_banner/
/?.*/adserver
/?.*/adstream\.cgi
/?.*/adv((er)?ts?|ertis(ing|ements?))?/
/?.*/anzei(gen)?/?
/?.*/ban[-_]cgi/
/?.*/banner_?ads/
/?.*/banner_?anzeigen
/?.*/bannerimage/
/?.*/banners?/
/?.*/banners?\.cgi/
/?.*/cgi-bin/centralad/getimage
/?.*/images/addver\.gif
/?.*/images/advert\.gif
/?.*/images/marketing/.*\.(gif|jpe?g)
/?.*/place-ads
/?.*/popupads/
/?.*/promobar.*
/?.*/publicite/
/?.*/randomads/.*\.(gif|jpe?g)
/?.*/rekla(ma|me|am)/.*\.(gif|jpe?g)
/?.*/siteads/
/?.*/sponsor.*\.gif
/?.*/sponsors?[0-9]?/
/?.*/ucbandeimg/
/?.*/werb\..*
/?.*/werbebanner/
/?.*/werbung/.*\.(gif|jpe?g)
/?.*/adv\.   # www.telegraaf.nl
/?.*/advert[0-9]+\.jpg
/?.*bann\.gif
/?.*/ads/
/Media/Images/Adds/
/_banner/
/ad_images/
/adgenius/
/adimages/
/viewad/
/adserve/
/adverts/
/annonser?/
/bando/
/bannerad/
/bannerfarm/
/bin/getimage.cgi/...\?AD
/bin/nph-oma.count/ct/default.shtml
/bin/nph-oma.count/ix/default.html
/cgi-bin/getimage.cgi/....\?GROUP=
/cgi-bin/nph-load
/cgi-bin/webad.dll/ad
/cwmail/acc\.gif
/cwmail/amzn-bm1\.gif
/db_area/banrgifs/
/gif/teasere/
/grafikk/annonse/
/graphics/defaultAd/
/grf/annonif
/htmlad/
/image\.ng/AdType
/image\.ng/transactionID
/images/.*/.*_anim\.gif # alvin brattli
/ip_img/.*\.(gif|jpe?g)
/marketpl*/
/minibanners/
/netscapeworld/nw-ad/
/promotions/houseads/
/rotads/ 
/rotateads/
/rotations/ 
/torget/jobline/.*\.gif
/viewad/
/werbung/
/worldnet/ad\.cgi
/zhp/auktion/img/
/cgi-bin/nph-adclick.exe/
/?.*/Image/BannerAdvertising/
/?.*/ad-bin/
/?.*/adlib/server\.cgi
/?.*/gsa_bs/gsa_bs.cmdl
/autoads/
/anz/pics/

# for our finnish friends, by Kai Puolamaki <Kai.Puolamaki@iki.fi>
/?.*/mainos/*.*/.*\.gif
/?.*/mainos/*.*/.*\.jpe?g

# more from a finnish friend Petri Haapio <pha@iki.fi>
cgi.tietovalta.fi
.keltaisetsivut.fi/web/img/\.*gif
.haku.net/pics/pana\.*gif
.www.fi/guvat/\.*gif
/?.*/(.*[-_.].*)?maino(kset|nta|s).*(/|\.(gif|html?|jpe?g|png))
/?.*/(ilm(oitus)?|kampanja)(hallinta|kuvat?)(/|\.(gif|html?|jpe?g|png))

# and even more from a finnish friend Hannu Napari <Hannu.Napari@hut.fi>
194.251.243.50/cgi-bin/banner

www.dime.net/ad
www.iltalehti.fi/ad
www.iltalehti.fi/ilmkuvat
www.mtv3.fi/mainoskuvat

# <jwz@jwz.org>
/?.*/adfinity
/?.*/[?]adserv
/?.*/bizgrphx/
/?.*/smallad2\.gif
/?.*/ana2ad\.gif
/?.*/adimg/
/?.*/.*counter\.pl
/?.*/spin_html/
/?.*/images/topics/topicgimp\.gif
.discovery.com/.*banner_id
/?.*/.*bannr\.gif
.cruel.com/images/
.idrink.com/frm_bottom.htm
/?.*/.*pb_ihtml\.gif
/?.*/ph-ad.*\.focalink\.com
/cgi-bin/adjuggler

/we_ba/ # hausfrauenseite.de *bwhahahaaaaa*

# ms sucks !
/.*(ms)?backoff(ice)?.*\.(gif|jpe?g)
/.*(/ie4|/ie3|msie|sqlbans|powrbybo|activex|backoffice|explorer|netnow|getpoint|ntbutton|hmlink).*\.(gif|jpe?g)
/.*activex.*(gif|jpe?g)
/.*explorer?.(gif|jpe?g)
/.*freeie\.(gif|jpe?g)
/.*/ie_?(buttonlogo|static?|anim.*)?\.(gif|jpe?g)
/.*ie_sm\.(gif|jpe?g)
/.*msie(30)?\.(gif|jpe?g)
/.*msnlogo\.(gif|jpe?g)
/.*office97_ad1\.(gif|jpe?g)
/.*pbbobansm\.(gif|jpe?g)
/.*powrbybo\.(gif|jpe?g)
/.*sqlbans\.(gif|jpe?g)
/.*exc_ms\.gif
/.*ie4get_animated\.gif
/.*ie4_animated\.gif
/.*n_iemap\.gif
/.*ieget\.gif
/.*logo_msnhm_*
/.*mcsp2\.gif
/.*msn2\.gif
/.*add_active\.gif
/.*n_msnmap\.gif
/.*Ad00\.gif
/.*s_msn\.gif
/.*addchannel\.gif
/.*adddesktop\.gif
/?.*/ns4\.gif
/?.*/v3sban\.gif
/?.*/?FPCreated\.gif
/?.*/opera35\.gif
/?.*/opera13\.gif
/?.*/opera_b\.gif
/?.*/ie_horiz\.gif
/?.*/ie_logo\.gif

# ... and even more!
/?.*/favicon\.ico

# generally useless information and promo stuff (commented out)
#/.*/(counter|getpcbutton|BuiltByNOF|netscape|hotmail|vcr(rated)?|rsaci(rated)?|freeloader|cache_now(_anim)?|apache_pb|now_(anim_)?button|ie_?(buttonlogo|static?|.*ani.*)?)\.(gif|jpe?g)

/?.*/images/na/us/brand/
/?.*/advantage\.(gif|jpg)
/?.*/advanbar\.(gif|jpg)
/?.*/advanbtn\.(gif|jpg)
/?.*/biznetsmall\.(gif|jpg)
/?.*/utopiad\.(gif|jpg)
/?.*/epipo\.(gif|jpg)
/?.*/amazon([a-zA-Z0-9]+)\.(gif|jpg)
/?.*/bnlogo.(gif|jpg)
/?.*/buynow([a-zA-Z0-9]+)\.(gif|jpg)

/p/d/publicid


# for the dutch folks by a dutch friend gertjan@west.nl
/?.*/Advertenties/
/?.*/Adverteerders/
.netdirect.nl/nd_servlet/___

# --------------------------------------------------------------------------
#
# specific servers
#
# --------------------------------------------------------------------------

# the next two lines work 
12.16.1.10/web_GIF
12.16.1.10/~web_ani
193.158.37.3/cgi-bin/impact
193.210.156.114
193.98.1.160/img
194.231.79.38
195.124.124.56
195.27.70.69
195.30.94.21
195.63.104.*/(inbox|log|meld|folderlu|folderru|log(in|out)[lmr]u|)
199.78.52.10
.1st-fuss.com
204.253.46.71:1977
204.94.67.40/wc/
205.153.208.93
205.216.163.62
205.217.103.58:1977
206.165.5.162/images/gcanim\.gif
206.221.254.181:80
206.50.219.33
207.137.96.35
207.159.129.131/abacus
207.159.135.72
207.82.250.9
207.87.15.234
207.87.27.10/tool/includes/gifs/
208.156.39.14[24]
208.156.60.23[045]
209.1.112.252/adgraph/
209.1.135.14[24]:1971
209.132.97.164/IMG/
209.185.222.45
209.185.222.60
209.185.253.199
209.207.224.22[02]/servfu.pl 
209.239.37.214/cgi-pilotfaq/getimage\.cgi
209.297.224.220
209.75.21.6
209.85.89.183/cgi-bin/cycle\?host
212.63.155.122/(banner|concret|softwareclub)
216.15.157.34
216.27.61.150
216.49.10.236/web1000/
.247media.com
62.144.115.12/dk/
.ICDirect.com/cgi-bin
.Shannon.Austria.Eu.net/\.cgi/
.WebSiteSponsor.de
207.181.220.145

#
# generic hosts (probably most effective)
#
ad*.
.*ads.
banner.

.admaximize.com
.imgis.com
#/.*/*preferences.com*
1ad.prolinks.de
.adwisdom.com
.akamaitech.net/.*/Banners/
.altavista.telia.com/av/pix/sponsors/
.amazon.com/g/associates/logos/
.annonce.insite.dk
.asinglesplace.com/asplink\.gif
.athand.com/rotation
.automatiseringgids.nl/gfx/advertenties/
#avenuea.com/Banners/
.avenuea.com/view/
.badservant.guj.de
.befriends.net/personals/matchmaking\.jpg
.bizad.nikkeibp.co.jp
.bs.gsanet.com/gsa_bs/
.cash-for-clicks.de
.cda.at/customer/
.cgicounter.puretec.de/cgi-bin/
.ciec.org/images/countdown\.gif
.classic.adlink.de/cgi-bin/accipiter/adserver.exe
.click.wisewire.com
#.clickhere.egroups.com/img/
.imagine-inc.com
.commonwealth.riddler.com/Commonwealth/bin/statdeploy\?[0-9]+
.customad.cnn.com
.dagbladet.no/ann-gif
.digits.com/wc/
dino.mainz.ibm.de
.dn.adzerver.com/image.ad
.ds.austriaonline.at
.emap.admedia.net
.etrade.com/promo/
.eur.yimg.com/a/
.eur.a1.yimg.com/eur.yimg.com/a/
.us.a1.yimg.com/us.yimg.com/a/
.eurosponsor.de
#fastcounter.linkexchange.com
.flycast.com
.focalink.com/SmartBanner
.freepage.de/cgi-bin/feets/freepage_ext/.*/rw_banner
.freespace.virgin.net/andy.drake
.futurecard.com/images/
.gaia.occ.com/click
.globaltrack.com
.globaltrak.net
.go.com/cimages\?SEEK_
.hitbox.com 
.home.miningco.com/event.ng/.*AdID
.hurra.de
.hyperbanner.net
.icount.com/.*count
image*.narrative.com/news/.*\.(gif|jpe?g)
.image.click2net.com
#image.linkexchange.com
.images.nytimes.com
.images.yahoo.com/adv/
.images.yahoo.com/promotions/
.imageserv.adtech.de
.img.web.de
.impartner.de/cgi-bin
informer2.comdirect.de:6004/cd/banner2
.infoseek.go.com/cimages
.ins.at/asp/images/
.kaufwas.com/cgi-bin/zentralbanner\.cgi
#leader.linkexchange.com
.link4ads.com
.link4link.com
.linktrader.com/cgi-bin/
.logiclink.nl/cgi-bin/
lucky.theonion.com/cgi-bin/oniondirectin\.cgi
lucky.theonion.com/cgi-bin/onionimp\.cgi
lucky.theonion.com/cgi-bin/onionimpin\.cgi
#m.doubleclick.net
.mailorderbrides.com/mlbrd2\.gif
.media.priceline.com
.mediaplex.com
.members.sexroulette.com
.messenger.netscape.com
.miningco.com/zadz/
# movielink became moviefone
.moviefone.com/.*(banner|newbutton|(ad|poster).*?\.gif|mmail|bytb|h_(guy|showtick|aML)|m_|icon_|NF_.*?back|h_.*?gif|media/(art|imagelinks(/MF.(ad|sponsor))))
mqgraphics.mapquest.com/graphics/Advertisements/
.netgravity.
.newads.cmpnet.com
.news.com/cgi-bin/acc_clickthru
.ngadcenter.net
.ngserve.pcworld.com/adgifs/
.nol.at:81
.nrsite.com
.nytsyn.com/gifs
.offers.egroups.com
.pagecount.com
.ph-ad*.focalink.com
.preferences.com
.promotions.yahoo.com
.pub.nomade.fr
.qsound.com/tracker/tracker.exe
.resource-marketing.com/tb/
.revenue.infi.net
.rtl.de/homepage/wb/images/
.schnellsuche.de/images/*
.shout-ads.com/cgibin/shout.php3
.sjmercury.com/advert/
.smartclicks.com/.*/smart(img|banner|host|bar|site)
.smh.com.au/adproof/
.spinbox1.filez.com
.static.wired.com/advertising/
.swiftad.com
.sysdoc.pair.com/cgi-sys/cgiwrap/sysdoc/sponsor\.gif
.t-online.de/home/040255162-001/*
.taz.de/taz/anz/
.tcsads.tcs.co.at
.teleauskunft.de/commercial/
.thecounter.com/id
.tm.intervu.net
.tvguide.com/rbitmaps/
.ubl.com/graphics/
.ubl.com/images/
.ultra.multimania.com
.ultra1.socomm.net
.uproar.com
.us.yimg.com/a/
.us.yimg.com/promotions/
.valueclick.com
.valueclick.net
.victory.cnn.com
.videoserver.kpix.com
.washingtonpost.com/wp-adv/
.webconnect.net/cgi-bin/webconnect.dll
.webcounter.goweb.de
.webserv.vnunet.com/ip_img/.*ban
.werbung.pro-sieben.de/cgi-bin
.whatis.com/cgi-bin/getimage.exe/
www..bigyellow.com/......mat.*
www.adclub.net
www.addme.com/link8\.gif
www.aftonbladet.se/annons
www.americanpassage.com/
www.angelfire.com/in/twistriot/images/wish4\.gif
www.bizlink.ru/cgi-bin/irads\.cgi
www.blacklightmedia.com/adlemur
www.bluesnews.com/flameq\.gif
www.bluesnews.com/images/ad[0-9]+\.gif
www.bluesnews.com/images/gcanim3\.gif
www.bluesnews.com/images/throbber2\.gif
www.bluesnews.com/miscimages/fragbutton\.gif
www.businessweek.com/sponsors/
www.canoe.ca/AdsCanoe/
www.cdnow.com/MN/client.banners
www.clickagents.com
www.clickthrough.ca
www.clicmoi.com/cgi-bin/pub\.exe
www.dailycal.org/graphics/adbanner-ab\.gif
www.detelefoongids.com/pic/[0-9]*
www.dhd.de/CGI/werbepic
www.dsf.de/cgi-bin/site_newiac.adpos
www.firsttarget.com/cgi-bin/klicklog.cgi
www.forbes.com/forbes/gifs/ads
www.forbes.com/tool/includes/gifs/
www.fxweb.holowww.com/.*\.cgi
www.geocities.com/TimesSquare/Zone/5267/
www.goto.com/images-promoters/
www.handelsblatt.de/hbad
www.hotlinks.de/cgi-bin/barimage\.cgi
www.infoseek.com/cimages
www.infoworld.com/pageone/gif
www.isys.net/customer/images
www.javaworld.com/javaworld/jw-ad
www.kron.com/place-ads/
www.leo.org/leoclick/
#www.linkexchange.ru/cgi-bin/erle\.cgi
www.linkstation.de/cgi-bin/zeige
www.linux.org/graphic/miniature/
www.linux.org/graphic/square/
www.linux.org/graphic/standard/
www.luncha.se/annonsering
www.mediashower.com
www.ml.org/gfx/spon/icom/
www.ml.org/gfx/spon/wmv
www.musicblvd.com/mb2/graphics/netgravity/
.nedstat.nl/cgi-bin/
www.news.com/Midas/Images/
www.newscientist.com/houseads
www.nextcard.com/affiliates/
www.nikkeibp.asiabiztech.com/image/NAIS4\.gif
www.nordlys.no/imaker/.*/.*/.*/.....\.gif   # alvin brattli
www.nordlys.no/imaker/.*/.*/.*/..003    # alvin brattli
www.oanda.com/server/banner
.omdispatch.co.uk
www.oneandonlynetwork.com
www.page2page.de/cgi-bin/
www.prnet.de/.*/bannerschnippel/.*\.(gif|jpe?g)
www.promptsoftware.com/marketing/
#www.reklama.ru/cgi-bin/banners/
www.riddler.com/sponsors/
www.rle.ru/cgi-bin/erle\.cgi
www.rock.com/images/affiliates/search_black\.gif
www.rtl.de/search/.*kunde
#www.search.com/Banners
www.sfgate.com/place-ads/
www.shareware.com/midas/images/borders-btn\.gif
#www.sjmercury.com/products/marcom/banners/
www.smartclicks.com:81
www.sol.dk/graphics/portalmenu
www.sponsornetz.de/jump/show.exe
www.sponsorpool.net
www.sunworld.com/sunworldonline/icons/adinfo.sm\.gif
www.swwwap.com/cgi-bin/
www.taz.de/~taz/anz/
www.telecom.at/icons/.*film\.(gif|jpe?g)
www.theonion.com/bin/
www.topsponsor.de/cgi-bin/show.exe
www.ugo.net
www.ugu.com/images/EJ\.gif
www.warzone.com/pics/banner/
www.warzone.com/wzfb/ads.cgi
www.webpeep.com
www.websitepromote.com/partner/img/
www.winjey.com/onlinewerbung/*\.gif
www.wishing.com/webaudit
www.www-pool.de/cgi-bin/banner-pool
www2.blol.com/agrJRU\.gif
www3.exn.net:80
.yahoo.com/CategoryID=0
.yahoo.de/adv/images

#swa
www.bannerland.de/click.exe
.cyberclick.net
.eu-adcenter.net
www.web-stat.com
www.slate.com/snav/
www.slate.com/redirect/
www.slate.com/articleimages/
.usads.imdb.com
www.forbes.com/tool/images/frontend/
www.zserver.com
www.spinbox.com
.pathfinder.com/shopping/marketplace/images/
/?.*/adbanner*
/?.*/adgraphic*
static.wired.com/images
.perso.estat.com/cgi-bin/perso/
#dinoadserver1.roka.net
.fooladclient*.fool.com
.affiliate.aol.com/static/
.cybereps.com:8000
.iadnet.com
.orientserve.com
.wvolante.com
.findcommerce.com
.smartage.com

# www.sunday-times.co.uk
www.sunday-times.co.uk/standing/newsint/ticker

#NeXgo (ex Germany.Net)
151.189.8.193
151.189.8.213

# Block as much of GeoCities as possible
# All geocities-owned images
www.geocities.com/images
www.geocities.com/MemberBanners/live/
pic.geocities.com/images
# And the popup (it still pops up, but does not eat up precious bandwidth)
#www.geocities.com/ad_container/pop.html # already fixed by other regexp

# from corion@informatik.uni-frankfurt.de
.sam.songline.com/@
.img.getstats.com/
#ads.xmonitor.net/xadengine.cgi # fixed by above regexp
# Also block the japanese geocities popups
www.geocities.co.jp/images
# Also block the come.to, surf.to etc. popups
.v3.come.to/pop.asp

# Also block the xoom stuff.
.xb.xoom.com
home.talkcity.com/homepopup.html.*

# Max Maischein <max.maischein@econsult.de> again ...
# Halflife.net uses WON banners
# Banners from Freeserve
#banner.freeservers.com/cgi-bin/fs_adbar # fixed by above regexp
# And those nasty va-popups !
/?.*/?va_banner.html
# And an all-around hit against advert*.jpg
/?.*/advert[0-9]+\.jpg
# And yet another Internet Explorer gif ...
/?.*/ie_horiz\.gif
# Some uninteresting buttons I think...
.mircx.com/images/buttons/
services.mircx.com/.*\.gif
# Easyspace - yet another "free disk space" provider with <yuck> banner popups
www.easyspace.com/(fpub)?banner.html
www.easyspace.com/100\.gif
# Some russian banner exchanges
.banner.ricor.ru/cgi-bin/banner.pl
#www.bizlink.ru/cgi-bin/irads.cgi # already fixed by other regexp
stx9.sextracker.com/stx/send/
# And even more of geocities :
www.geocities.com/pictures/
# Gaah - www.angelfire.com - another webspace provider with popups
.angelfire.com/sys/download.html
# Gamasutra.com uses this ad provider
sally.songline.com/@

# Eule.de (search engine)
# maybe images.eule.de as a whole...
www.eule.de/cgi-bin/
images.eule.de/comdirect\.gif 
images.eule.de/wp\.gif
.aladin.de/125_1\.gif
images.eule.de/neu/books\.gif

# --------------------------------------------------------------------------
#
# some images
#
# --------------------------------------------------------------------------

# some images on cnn's website just suck!
/.*cnnstore\.gif
/.*book.search\.gif
/.*cnnpostopinionhome.\.gif
/.*custom_feature\.gif
/.*explore.anim.*gif
/.*infoseek\.gif
/.*pathnet.warner\.gif
/.*images/cnnfn_infoseek\.gif
/.*images/pathfinder_btn2\.gif
/.*img/gen/fosz_front_em_abc\.gif
/.*img/promos/bnsearch\.gif
/.*navbars/nav_partner_logos\.gif
/BarnesandNoble/images/bn.recommend.box.*
/digitaljam/images/digital_ban\.gif
/hotstories/companies/images/companies_banner\.gif
/markets/images/markets_banner\.gif
/ows-img/bnoble\.gif
/ows-img/nb_Infoseek\.gif
.cnn.com/images/custom/totale\.gif
.cnn.com/images/lotd/custom.wheels\.gif
.cnn.com/images/.*/by/main.12\.gif
.cnn.com/images/.*/find115\.gif
.cnn.com/.*/free.email.120\.gif
.cnnfn.com/images/left_banner\.gif
.focus.de/A/AF/AFL/
www.cnn.com/images/.*/bn/books\.gif
www.cnn.com/images/.*/pointcast\.gif
www.cnn.com/images/.*/fusa\.gif
.cnn.com/images/.*/start120\.gif
images.cnn.com/SHOP/
/.*by/main\.gif
/.*gutter117\.gif
/.*barnes_logo\.gif
# the / indicates the beginning of the path (and no longer the FQDN)
/.*nbclogo\.gif
/.*microdell\.gif
/.*secureit\.gif

#
/gif/buttons/banner_
/gif/buttons/cd_shop_
/gif/cd_shop/cd_shop_ani_

#altavista
/av/gifs/av_map\.gif
/av/gifs/av_logo\.gif
/av/gifs/new/ns\.gif
altavista.com/i/valsdc3\.gif
jump.altavista.com/gn_sf

# tucows
tucows./images/locallogo\.gif

#
#mt_freshmeat\.jpg

# simpliemu.hypermart.net/frames.html
.go2net.com/mgic/adpopup
.go2net.com/metaspy/images/exposed\.gif
.go2net.com/metaspy/images/ms_un\.gif

#
www.cebu-usa.com/cwbanim1\.gif
www.cebu-usa.com/Connection\.jpg
www.cebu-usa.com/phonead\.gif
www.cebu-usa.com/ban3\.jpg
www.cebu-usa.com/tlban\.gif
www.cebu-usa.com/apwlogo1\.gif
www.cebu-usa.com/rose\.gif

# fnet
www.fnet.de/img/geldboerselogo\.jpg

# hirsch@mathcs.emory.edu
/images/getareal2\.gif

www.assalom.com/aziza/logos/cniaffil\.gif
www.assalom.com/aziza/logos/4starrl1\.gif
www.phantomstar.com/images/media/m1\.gif

#
.wahlstreet.de/MediaW\$/tsponline\.gif
.wahlstreet.de/MediaW\$/dzii156x60\.gif
.wahlstreet.de/MediaW\$/etban156x60_2_opt2\.gif

# linuxtoday.com
/pics/gotlx1\.gif
/pics/getareal1\.gif
/pics/amzn-b5\.gif
/ltbs/cgi-bin/click.cgi
.linuxtoday.com/ltbs/pics/

# Geocities popups
/ad[-_]container/
/include/watermark/v2/

# Reinier Bikker <R.P.Bikker@phys.uu.nl>
# Banner.xxLINK.nl/

# Mark Lutz <luma@nikocity.de>
/.*/*werb.*\.(gif|jpe?g) # hope that's not to restrictive

#Free Yellow thing at bottom of pages (HereticPC)
www.freeyellow.com/images/powerlink5a\.gif
www.freeyellow.com/images/powerlink5b\.gif
www.freeyellow.com/images/powerlink5c\.gif
www.freeyellow.com/images/powerlink5d\.gif
www.freeyellow.com/images/powerlink5e\.gif

#HereticPC
www.eads.com/images/refbutton\.gif
www.fortunecity.com/console2/newnav/*
www.goldetc.net/search\.gif
www.cris.com/~Lzrdking/carpix/cars3-le\.gif
www.justfreestuff.com/scott\.gif
www.cyberthrill.com/entrance\.gif
secure.pec.net/images/pec69ani\.gif
www.new-direction.com/avviva\.gif
/.*internetmarketingcenter\.gif
www.new-direction.com/wp-linkexchange-loop\.gif
www.new-direction.com/windough\.gif
www.digitalwork.com/universal_images/affiliate/dw_le_3\.gif
service.bfast.com/bfast/click/*
www.new-direction.com/magiclearning\.gif
www.new-direction.com/mailloop\.gif

www.free-banners.com/images/hitslogo\.gif
rob.simplenet.com/dyndns/fortune5\.gif
.nasdaq-amex.com/images/bn_ticker\.gif

#
# navilor@hotmail.com
#
#
# wayne@staff.msen.com
#
a*.*.*.yimg.com/([0-9]*|\/)*us.yimg.com/*
#ad.doubleclick.net
www.dnps.com/ads
www.realtop50.com/cgi-bin/ad


#
www.yacht.de/images/(my_ani|eissingani|chartertrans|fum|schnupper|fysshop|garmin)\.gif
www.sponsorweb.de/web-sponsor/nt-bin/show.exe

#
# Club-internet pops up a complain if you refuse cookie (still pops up...)
perso.club-internet.fr/html/Popup/popup_frame_nocookie.html
perso.club-internet.fr/pagesperso/popup_nocookie.html

.gmx.net/images/newsbanner/
.cash4banner.de

.quicken.lexware.de/images/us7-468x60.gif
/img/special/chatpromo\.gif
www.travelocity.com/images/promos/

# wonder that that does...
.p01.com/1x1.dyn

#/*.*/phpAds/viewbanner.php
#/*.*/phpAds/phpads.php

www.linux-magazin.de/banner    
.comtrack.comclick.com
.click-fr.com
.iac-online.de/filler

.media.interadnet.com
.stat.www.fi/cgi-bin
/cgi/banners.cgi
.ads-digi.sol.no
.fp.buy.com
.disneystoreaffiliates.com

.powerwork.mobile.de/cgi-bin/getimage\.cgi



####################################################
# Jon's addition:
#
# The Register ads - oh, and all images in Register stories (sigh).
www.theregister.co.uk/media/

# Used on http://www.theregister.co.uk/
# Sample advert URL:
# http://secure.webconnect.net/cgi-bin/webconnecthome.dll?F467
.webconnect.net

# Dilbert:
www.dilbert.com/comics/dilbert/images/.*_140x800.*\.gif

# stattrack.com
# Uses URL: http://www.stattrack.com/cgi-bin/stats/image.cgi
/cgi-bin/stats/
# And loads JavaScript from http://www.stattrack.com/stats/code
www.stattrack.com/stats/

#Now they're Yahoo GeoCities, their junk is in a different place.
##geo.yahoo.com/serv
##visit.geocities.com/visit.gif
.yimg.com/?.*/www.geocities.com/js_source
#http://us.toto.geo.yahoo.com/toto?s=76001086
.geo.yahoo.com
.visit.geocities.com
.yimg.com/?.*/www.geocities.com/

#http://counter16.bravenet.com/counter.php
counter*.

#http://stat.cybermonitor.com/7emezone_p?1707_USdvd
stat*.

#http://members.tripod.com/adm/popup/.....
members.tripod.com/adm/popup/

#This is the worst ad idea ever!
#count.exitexchange.com/exit/1100661
#count.exitexchange.com/clients/navbar.html
#(used in http://skyhivisuals.tripod.com/malfunctions_.htm)
.exitexchange.com

#SourceForge ads.
sfads.osdn.com

#This site traps the browser
.webhideout.com

#privacy.net runs ads
.a.consumer.net

#Lindsay.Marshall@newcastle.ac.uk suggested these, to kill Opera adverts:
www.qksrv.net
mirror.qkimg.net

#js
dinoadserver*.roka.net
logout.gmx.net
logout.tvspielfilm.de
gmx.tvspielfilm.de
www.freenet.de/customerindex\.html
/?.*/phpAds
.fxweb.com/v2-trackrun\.cgi
rtldating.peopleunited.de
.advertising.com
www.zdnet.com/fcgi-bin/
service.bfast.com/bfast/serve
199.172.144.25
fourohfour.nbci.com/Members404Error.php3
.adtech.de
.adlink.de
www.fair-ist-mehr.de/cgi-bin/bt.pl
.linkexchange.
/?.*/adpage.asp
/ADS
.net-on.net
rstrip.namezero.com
62.26.220.2
.doubleclick.net
.adserver.yahoo.com

#############################################################################
{-block}
#############################################################################
include.ebay.com
cpan.valueclick.com
www.userfriendly.org/images/banners/banner_dp_heart\.gif
advogato.org

#Why were these in the Waldherr blockfile?
#www.hitbox.com
#a*.*.*.yimg.com/([0-9]|\/)*us.yimg.com/i/*

# some regexps are simply too aggressive ...
#
# equalizer to /*.*(.*[-_.])?ads?[0-9]?(/|[-_.].*|.(gif|jpe?g)) 
# or other regexps
#
#
.adamwhone.co.uk
#adsl.tin.it
.stsci.edu
.tgs.com
.sun.com
.povray.org
.admin.
.ad.siemens.de             # SIEMENS Automation & Drives
#add-url.altavista.com
.adis.on.ca
#address*.*.*
#address*.*.*.*
ad[ud]*.
advice.

# univ. don't advertise, do they :-)
.edu
.ac.uk    # English Universities too! - Jon
.uni-*.de # What about Germany? --oes
www.ugu.com/sui/ugu/adv
adfa.edu.au
adsl*.

clubs.yahoo.com/clubs
edit.my.yahoo.com/config/show_identity
www.ix.de/newsticker/data/ad
www.heise.de/newsticker/data/ad
www.careernet.de/anzeige
www.careernet.de/bewerber/stellenanzeigen
www.baumgartner.de/stellenmarkt/anzeigen
www.dspartner.de/Anzeigen
www.aws-jobs.de/Anzeigen
www.jobware.de/.*/anzeigen/
www.jobworld.de/bilder/
www.cnn.com/TECH/computing/.*/internet.ads/
www.financial.de/shop/
.gnn.de/.*\.html
www.auktionen.de

194.221.152.2/phptelefontmp
.harvard.edu/images/banner/

.adswww.harvard.edu
www.dhd.de/CGI/anzeigen/

.ads.web.de/web/
.img.web.de/web/img/

www.segel.de/menu/bilder/anzeigen\.gif
www.corel.com/graphics/banners/
www.software.ibm.com/ad/
www.omg.org/docs/ad/

.sperrmuell.de/scripts/anzeigen
www.freenet.de/index.html
www.01019freenet.de/index.html
www.freenet.de/freenet/
www.01019freenet.de/freenet/
webfactory.de/anzeigen.php
www.cdmag.com
www.internatif.org/bortzmeyer/debian/sponsor/
.hp.com

www.software.hosting.ibm.com/ad/
www.ibm.com/software/ad/
.brickshelf.com

www.debian.org/Pics/banner-blue\.gif
www.linux.de/pics/Nachrichten_banner\.gif
www.werbekurier.de

finder.shopping.yahoo.com/shop/
.national.com/pf
.mozilla.org
.eidos.de
.e-sheep.com
.punkassgear.com
.mozilla.org
.mozillazine.org
.adbusters.org
.annoy.com
.consumer-direct.com
www.iez-auktion.de
.ibm.com
.sgi.com

# my banking stuff => no ads.
.comdirekt.de
.comdirect.de
.teledata.de


# Jon's addition: MSDN
.msdn.microsoft.com

#js
.adbusters.com
.freemail*.web.de/online/ordner/anzeigen
foggy.sda.t-online.de
.us.i1.yimg.com/us.yimg.com/i/pim/ad2.gif
www.nexgo.de/.*/bg_banner.jpg

# .*ads. matches prdownloads.sourceforge.net and many other download sites
# The fix is:
.*downloads.

# End of file