############################################################################# # Sample actions file for the Internet Junkbuster 2.9.x # # For information, see http://ijbswa.sourceforge.net/ # # $Id: actionsfile,v 1.8 2001/10/14 23:18:19 jongfoster Exp $ # ############################################################################# # Syntax ############################################################################# # # To determine which actions apply to a request, the URL of the request is # compared to all patterns in this file. Every time it matches, the list of # applicable actions for this URL is incrementally updated. You can trace # this process by visiting http://i.j.b/show-url-info # # There are 4 types of lines in this file: comments (like this line), # actions, aliases and patterns, all of which are explained below. # ############################################################################# # Pattern Syntax ############################################################################# # # 1. On Domains and Paths # ----------------------- # # Generally, a pattern has the form /, where both the # and part are optional. If you only specify a domain part, the "/" # can be left out: # # www.example.com # is a domain-only pattern and will match any request to www.yahoo.com # # www.example.com/ # means exactly the same # # www.example.com/index.html # matches only the document /index.html on www.example.com # # /index.html # matches the document /index.html, regardless of the domain # # index.html # matches nothing, since it would be interpreted as a domain name and # there is no top-level domain called ".html". # # 2. Domain Syntax # ---------------- # # The matching of the domain part offers some flexible options: If the # domain starts or ends with a dot, it becomes unanchored at that end: # # www.example.com # matches only www.example.com # # .example.com # matches any domain that ENDS in .example.com # # www. # matches any domain that STARTS with www. # # Additionally, there are wildcards that you can use in the domain names # themselves. They work pretty similar to shell wildcards: "*" stands for # zero or more arbitrary characters, "?" stands for one, and you can define # charachter classes in square brackets and they can be freely mixed: # # ad*.example.com # matches adserver.example.com, ads.example.com, etc but not sfads.example.com # # *ad*.example.com # matches all of the above # # .?pix.com # matches www.ipix.com, pictures.epix.com, a.b.c.d.e.upix.com etc # # www[1-9a-ez].example.com # matches www1.example.com, www4.example.com, wwwd.example.com, # wwwz.example.com etc, but not wwww.example.com # # You get the idea? # # 2. Path Syntax # -------------- # # Paths are specified as regular expressions. A comprehensive discussion of # regular expressions wouldn't fit here, but (FIXME) someone should paste # a concise intro to the regex language here. # # If Junkbuster was compiled with pcre support (default), Perl compatible # regular expressions are used. See the pcre/docs/ direcory or man perlre # (also available on http://www.perldoc.com/perl5.6/pod/perlre.html) for # details. # # Please note that matching in the path is CASE INSENSITIVE by default, but # you can switch to case sensitive at any point in the pattern by using # the "(?-i)" switch: # # www.example.com/(?-i)PaTtErN.* # will match only documents whose path starts with PaTtErN in exactly this # capitalization. # ############################################################################# # Action Syntax ############################################################################# # # There are 3 kinds of action: # # Boolean (e.g. "block"): # +name # enable # -name # disable # # Parameterized (e.g. "hide-user-agent"): # +name{param} # enable and set parameter to "param" # -name # disable # # Multi-value (e.g. "add-header", "wafer"): # +name{param} # enable and add parameter "param" # -name{param} # remove the parameter "param" # -name # disable totally # # The default (if you don't specify anything in this file) is not to take # any actions - i.e completely disabled, so JunkBuster will just be a # normal, non-blocking, non-anonymizing proxy. You must specifically # enable the privacy and blocking features you need (although the # provided default actions file will do that for you). # # Later actions always override earlier ones. For multi-valued actions, # the actions are applied in the order they are specified. # ############################################################################# # Valid actions are: ############################################################################# # # +add-header{Name: value} # Adds the specified HTTP header, which is not checked for validity. # You may specify this many times to specify many headers. # # +block # Block this URL # # +deanimate-gifs{last} # +deanimate-gifs{first} # Deanimate all animated GIF images, i.e. reduce them to their last # frame. This will also shrink the images considerably. (In bytes, # not pixels!) # If the option "first" is given, the first frame of the animation # is used as the replacement. If "last" is given, the last frame of # the animation is used instead, which propably makes more sense for # most banner animations, but also has the risk of not showing the # entire last frame (if it is only a delta to an earlier frame). # # +downgrade # Downgrade HTTP/1.1 client requests to HTTP/1.0 and downgrade the # responses as well. Use this action for servers that use HTTP/1.1 # protocol features that Junkbuster currently can't handle yet. # # +fast-redirects # Many sites, like yahoo.com, don't just link to other sites. # Instead, they will link to some script on their own server, # giving the destination as a parameter, which will then redirect # you to the final target. # # URLs resulting from this scheme typically look like: # http://some.place/some_script?http://some.where-else # # Sometimes, there are even multiple consecutive redirects encoded # in the URL. These redirections via scripts make your web browing # more traceable, since the server from which you follow such a link # can see where you go to. Apart from that, valuable bandwidth and # time is wasted, while your browser aks the server for one redirect # after the other. Plus, it feeds the advertisers. # # The +fast-redirects option enables interception of these requests # by junkbuster, who will cut off all but the last valid URL in the # request and send a local redirect back to your browser without # contacting the remote site. # # +filter # Filter the website through the re_filterfile # FIXME: The syntax should be +filter{filename} # # +hide-forwarded # Block any existing X-Forwarded-for header, and do not add a new one. # # +hide-from{block} # +hide-from{spam@sittingduck.xqq} # If the browser sends a "From:" header containing your e-mail address, # either completely removes the header ("block"), or change it to the # specified e-mail address. # # +hide-referer{block} # +hide-referer{forge} # +hide-referer{http://nowhere.com} # Don't send the "Referer:" (sic) header to the web site. You can # block it, forge a URL to the same server as the request (which is # preferred because some sites will not send images otherwise) or # set it to a constant string. # # +hide-referrer{...} # Alternative spelling of +hide-referer. Has the same parameters, # and can be freely mixed with, "+hide-referer". ("referrer" is the # correct English spelling, however the HTTP specification has a # bug - it requires it to be spelt "referer"). # # +hide-user-agent{browser-type} # Change the "User-Agent:" header so web servers can't tell your # browser type. (Breaks many web sites). Specify the user-agent # value you want - e.g., to pretend to be using Netscape on Linux: # +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)} # Or to identify yourself explicitly as a JunkBuster user: # +hide-user-agent{JunkBuster/1.0} # (Don't change the version number from 1.0 - after all, why tell them?) # # +image # Treat this URL as an image. This only matters if it's also "+block"ed, # in which case a "blocked" image can be sent rather than a HTML page. # See +image-blocker{} for the control over what is actually sent. # # +image-blocker{logo} # +image-blocker{blank} # +image-blocker{http://i.j.b/send-banner} # Decides what to do with URLs that end up tagged with {+block +image}. # There are 4 options. "-image-blocker" will send a HTML "blocked" page, # usually resulting in a "broken image" icon. "+image-blocker{logo}" # will send a "JunkBuster" image. "+image-blocker{blank}" will send # a 1x1 transparent GIF. And finally, "+image-blocker{http://xyz.com}" # will send a HTTP temporary redirect to the specified image - this # has the advantage of the icon being beeing cached by the browser, # which will speed up the display. # # # +limit-connect{portlist} # The CONNECT methods exists in HTTP to allow access to secure websites # (https:// URLs) through proxies. It works very simply: The proxy # connects to the server on the specified port, and then short-circuits # its connections to the cliant and to the remote proxy. # This can be a big security hole, since CONNECT-enabled proxies can # be abused as TCP relays very easily. # By default, i.e. in the absence of a +limit-connect action, Junkbuster # will only allow CONNECT requests to port 443, which is the standard port # for https. # If you want to allow CONNECT for more ports than that, or want to forbid # CONNECT altogether, you can specify a comma separated list of ports and port # ranges (the latter using dashes, with the minimum defaulting to 0 and max to 65K): # # +limit-connect{443} # This is the default and need no be specified. # +limit-connect{80,443} # Ports 80 and 443 are OK. # +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100, and above 500 are OK. # # +no-compression # Prevent the website from compressing the data. Some websites do # that, which is a problem for junkbuster, since +filter, +no-popup # and +gif-deanimate will not work on compressed data. Will slow down # connections to those websites, though. # # +no-cookies-read # Prevent the website from reading cookies # # +no-cookies-set # Prevent the website from setting cookies # # +no-popup # +no-popups # Filter the website through a built-in filter to disable # window.open() etc. The two alternative spellings are # equivalent. # # +vanilla-wafer # This action only applies if you are using a jarfile. It sends a # cookie to every site stating that you do not accept any copyright # on cookies sent to you, and asking them not to track you. Of # course, this is a (relatively) unique header they could use to # track you. # # +wafer{name=value} # This allows you to add an arbitrary cookie. Specify it multiple # times in order to add several cookies. # ############################################################################# ############################################################################# # Aliases ############################################################################# {{alias}} ############################################################################# # # You can define a short form for a list of permissions - e.g., instead # of "-no-cookies-set -no-cookies-read -filter -fast-redirects", you can # just write "shop". This is called an alias. # # Currently, an alias can contain any character except space, tab, '=', '{' # or '}'. # But please use only 'a'-'z', '0'-'9', '+', and '-'. # # Alias names are not case sensitive. # # Aliases beginning with '+' or '-' may be used for system permission names # in future releases - so try to avoid alias names like this. (e.g. # "+no-cookies" below is not a good name) # # Aliases must be defined before they are used. # # Useful aliases +no-cookies = +no-cookies-set +no-cookies-read -no-cookies = -no-cookies-set -no-cookies-read fragile = -block -no-cookies -filter -fast-redirects -hide-referer -no-popups shop = -no-cookies -filter -fast-redirects +imageblock = +block +image +filter-all = +filter +no-compression #... etc. Customize to your heart's content. ############################################################################# # Defaults ############################################################################# {\ -block \ -downgrade \ +fast-redirects \ +filter \ +no-compression \ +hide-forwarded \ +hide-from{block} \ +hide-referer{forge} \ -hide-user-agent \ -image \ +image-blocker{http://i.j.b/send-banner} \ +no-cookies-read \ +no-cookies-set \ +no-popups \ +vanilla-wafer \ } / # Match all URLs ############################################################################# # A useful site for testing - shows all headers: # http://privacy.net/analyze/ ############################################################################# {+add-header{X-Privacy: Yes please} #-add-header{*} \ +add-header{X-User-Tracking: No thanks!} -filter} privacy.net ############################################################################# # Permissions list ############################################################################# # Sites that need cookies {-no-cookies} .javasoft.com .sun.com .yahoo.com .msdn.microsoft.com .sourceforge.net .sf.net www.nexgo.de .myrealbox.com mail.uni.de e-tools.freenet.de office.freenet.de # These sites are very complex and require # minimal interference. {fragile} .office.microsoft.com .windowsupdate.microsoft.com .deutsche-bank-24.de # Shopping sites - still want to block ads. {shop} .quietpc.com .worldpay.com # for quietpc.com .jungle.com .scan.co.uk # These shops require pop-ups {shop -no-popups} .dabs.com .overclockers.co.uk {-fast-redirects} www.ukc.ac.uk/cgi-bin/wac\.cgi\? login.yahoo.com edit.europe.yahoo.com .translate.google.com images.google.com .altavista.com/.*(like|url|link):http .altavista.com/trans.*urltext=http .speedfind.de # Please don't re_filter code! {-filter} .cvs.sourceforge.net # Hal reported that fast-redirects break this site {-no-cookies -fast-redirects} .nytimes.com # Test for new GIF deanimation feature. # Just try http://www.oesterhelt.org/deanimate-demo with and without it. # {+deanimate-gifs{last}} www.oesterhelt.org/deanimate-demo ############################################################################# # Imagelist: ############################################################################# {+image} ############################################################################# /.*\.gif /.*\.jpe?g /.*\.png ############################################################################# {+imageblock} ############################################################################# .adforce.imgis.com .ad.preferences.com/image.* .ads.web.aol.com .focalink.com .ad-adex3.flycast.com .ad.doubleclick.net .connect.247media.ads.link4ads.com .ln.doubleclick.net .mojofarm.mediaplex.com/ad/ www.carbuyer.com/cgi-carbuyer/getimage.cgi /phpAds(New)?/viewbanner\.php .ad.de.doubleclick.net /.*/count\.cgi\?.*df= *.fxweb.com/v2-trackrun\.cgi 195.63.104.61 195.63.104.222 213.165.64.3[4-9] 213.165.64.4[0-4] 194.221.183.22[1-7] a196.g.akamai.net/7/196/2670/000[1-3]/images\.gmx\.net/.*images/.*/.*/ /cgi-bin/ivw/CP/ 151.189.8.213/Adimg 151.189.8.193/Media .smartclicks.com/.*/smart(img|banner|host|bar|site) .linkexchange.com/.*/showl(ogo|e) MoneyBanner.de pixel.intares.net/cgi-bin/janus ############################################################################# # Blocklist: ############################################################################# {+block} ############################################################################# /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g)) /.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/]) /.*/(ng)?adclient\.cgi /.*/(plain|live|rotate)[-_.]?ads?/ /.*/(sponsor)s?[0-9]?/ ###/*.*/(sponsor|banner)s?[0-9]?/ ###/*.*/.*banner([-_]?[a-z0-9]+)?\.(gif|jpg) /.*/_?(plain|live)?ads?(-banners)?/ /.*/abanners/ /.*/ad(sdna_image|gifs?)/ /.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe) /.*/adbanners/ /.*/adserver /.*/adstream\.cgi /.*/adv((er)?ts?|ertis(ing|ements?))?/ /.*/anzei(gen)?/? /.*/ban[-_]cgi/ /.*/banner_?ads/ /.*/banner_?anzeigen /.*/bannerimage/ /.*/banners?/ /.*/banners?\.cgi/ /.*/cgi-bin/centralad/getimage /.*/images/addver\.gif /.*/images/advert\.gif /.*/images/marketing/.*\.(gif|jpe?g) /.*/place-ads /.*/popupads/ /.*/promobar.* /.*/publicite/ /.*/randomads/.*\.(gif|jpe?g) /.*/reklama/.*\.(gif|jpe?g) /.*/reklame/.*\.(gif|jpe?g) /.*/reklaam/.*\.(gif|jpe?g) /.*/siteads/ /.*/sponsor.*\.gif /.*/sponsors?[0-9]?/ /.*/ucbandeimg/ /.*/werb\..* /.*/werbebanner/ /.*/werbung/.*\.(gif|jpe?g) /.*/adv\. # www.telegraaf.nl /.*/advert[0-9]+\.jpg /.*bann\.gif /Media/Images/Adds/ /_banner/ /ad_images/ /adgenius/ /adimages/ /.*/ads/ /viewad/ /adserve/ /adverts/ /annonser?/ /bando/ /bannerad/ /bannerfarm/ /bin/getimage.cgi/...\?AD /bin/nph-oma.count/ct/default.shtml /bin/nph-oma.count/ix/default.html /cgi-bin/getimage.cgi/....\?GROUP= /cgi-bin/nph-load /cgi-bin/webad.dll/ad /cwmail/acc\.gif /cwmail/amzn-bm1\.gif /db_area/banrgifs/ /gif/teasere/ /grafikk/annonse/ /graphics/defaultAd/ /grf/annonif /htmlad/ /image\.ng/AdType /image\.ng/transactionID /images/.*/.*_anim\.gif # alvin brattli /ip_img/.*\.(gif|jpe?g) /marketpl*/ /minibanners/ /netscapeworld/nw-ad/ /promotions/houseads/ /rotads/ /rotateads/ /rotations/ /torget/jobline/.*\.gif /viewad/ /werbung/ /worldnet/ad\.cgi /zhp/auktion/img/ /cgi-bin/nph-adclick.exe/ /.*/Image/BannerAdvertising/ /.*/ad-bin/ /.*/adlib/server\.cgi /.*/gsa_bs/gsa_bs.cmdl /autoads/ /anz/pics/ # for our finnish friends, by Kai Puolamaki /.*/mainos/*.*/.*\.gif /.*/mainos/*.*/.*\.jpe?g # more from a finnish friend Petri Haapio cgi.tietovalta.fi .keltaisetsivut.fi/web/img/\.*gif .haku.net/pics/pana\.*gif .www.fi/guvat/\.*gif /.*/(.*[-_.].*)?maino(kset|nta|s).*(/|\.(gif|html?|jpe?g|png)) /.*/(ilm(oitus)?|kampanja)(hallinta|kuvat?)(/|\.(gif|html?|jpe?g|png)) # and even more from a finnish friend Hannu Napari 194.251.243.50/cgi-bin/banner www.dime.net/ad www.iltalehti.fi/ad www.iltalehti.fi/ilmkuvat www.mtv3.fi/mainoskuvat # /.*/adfinity /.*/[?]adserv /.*/bizgrphx/ /.*/smallad2\.gif /.*/ana2ad\.gif /.*/adimg/ /.*/.*counter\.pl /.*/spin_html/ /.*/images/topics/topicgimp\.gif .discovery.com/.*banner_id /.*/.*bannr\.gif .cruel.com/images/ .idrink.com/frm_bottom.htm /.*/.*pb_ihtml\.gif /.*/ph-ad.*\.focalink\.com /cgi-bin/adjuggler /we_ba/ # hausfrauenseite.de *bwhahahaaaaa* # ms sucks ! /.*(ms)?backoff(ice)?.*\.(gif|jpe?g) /.*(/ie4|/ie3|msie|sqlbans|powrbybo|activex|backoffice|explorer|netnow|getpoint|ntbutton|hmlink).*\.(gif|jpe?g) /.*activex.*(gif|jpe?g) /.*explorer?.(gif|jpe?g) /.*freeie\.(gif|jpe?g) /.*/ie_?(buttonlogo|static?|anim.*)?\.(gif|jpe?g) /.*ie_sm\.(gif|jpe?g) /.*msie(30)?\.(gif|jpe?g) /.*msnlogo\.(gif|jpe?g) /.*office97_ad1\.(gif|jpe?g) /.*pbbobansm\.(gif|jpe?g) /.*powrbybo\.(gif|jpe?g) /.*sqlbans\.(gif|jpe?g) /.*exc_ms\.gif /.*ie4get_animated\.gif /.*ie4_animated\.gif /.*n_iemap\.gif /.*ieget\.gif /.*logo_msnhm_* /.*mcsp2\.gif /.*msn2\.gif /.*add_active\.gif /.*n_msnmap\.gif /.*Ad00\.gif /.*s_msn\.gif /.*addchannel\.gif /.*adddesktop\.gif /.*/ns4\.gif /.*/v3sban\.gif /.*/?FPCreated\.gif /.*/opera35\.gif /.*/opera13\.gif /.*/opera_b\.gif /.*/ie_horiz\.gif /.*/ie_logo\.gif # ... and even more! /.*/favicon\.ico # generally useless information and promo stuff (commented out) #/.*/(counter|getpcbutton|BuiltByNOF|netscape|hotmail|vcr(rated)?|rsaci(rated)?|freeloader|cache_now(_anim)?|apache_pb|now_(anim_)?button|ie_?(buttonlogo|static?|.*ani.*)?)\.(gif|jpe?g) /.*/images/na/us/brand/ /.*/advantage\.(gif|jpg) /.*/advanbar\.(gif|jpg) /.*/advanbtn\.(gif|jpg) /.*/biznetsmall\.(gif|jpg) /.*/utopiad\.(gif|jpg) /.*/epipo\.(gif|jpg) /.*/amazon([a-zA-Z0-9]+)\.(gif|jpg) /.*/bnlogo.(gif|jpg) /.*/buynow([a-zA-Z0-9]+)\.(gif|jpg) /p/d/publicid # for the dutch folks by a dutch friend gertjan@west.nl /.*/Advertenties/ /.*/Adverteerders/ .netdirect.nl/nd_servlet/___ # -------------------------------------------------------------------------- # # specific servers # # -------------------------------------------------------------------------- # the next two lines work 12.16.1.10/web_GIF 12.16.1.10/~web_ani 193.158.37.3/cgi-bin/impact 193.210.156.114 193.98.1.160/img 194.231.79.38 195.124.124.56 195.27.70.69 195.30.94.21 195.63.104.*/(inbox|log|meld|folderlu|folderru|log(in|out)[lmr]u|) 199.78.52.10 .1st-fuss.com 204.253.46.71:1977 204.94.67.40/wc/ 205.153.208.93 205.216.163.62 205.217.103.58:1977 206.165.5.162/images/gcanim\.gif 206.221.254.181:80 206.50.219.33 207.137.96.35 207.159.129.131/abacus 207.159.135.72 207.82.250.9 207.87.15.234 207.87.27.10/tool/includes/gifs/ 208.156.39.14[24] 208.156.60.23[045] 209.1.112.252/adgraph/ 209.1.135.14[24]:1971 209.132.97.164/IMG/ 209.185.222.45 209.185.222.60 209.185.253.199 209.207.224.22[02]/servfu.pl 209.239.37.214/cgi-pilotfaq/getimage\.cgi 209.297.224.220 209.75.21.6 209.85.89.183/cgi-bin/cycle\?host 212.63.155.122/(banner|concret|softwareclub) 216.15.157.34 216.27.61.150 216.49.10.236/web1000/ .247media.com 62.144.115.12/dk/ .ICDirect.com/cgi-bin .Shannon.Austria.Eu.net/\.cgi/ .WebSiteSponsor.de 207.181.220.145 # # generic hosts (probably most effective) # ad*. .*ads. banner. .admaximize.com .imgis.com #/.*/*preferences.com* 1ad.prolinks.de .adwisdom.com .akamaitech.net/.*/Banners/ .altavista.telia.com/av/pix/sponsors/ .amazon.com/g/associates/logos/ .annonce.insite.dk .asinglesplace.com/asplink\.gif .athand.com/rotation .automatiseringgids.nl/gfx/advertenties/ #avenuea.com/Banners/ .avenuea.com/view/ .badservant.guj.de .befriends.net/personals/matchmaking\.jpg .bizad.nikkeibp.co.jp .bs.gsanet.com/gsa_bs/ .cash-for-clicks.de .cda.at/customer/ .cgicounter.puretec.de/cgi-bin/ .ciec.org/images/countdown\.gif .classic.adlink.de/cgi-bin/accipiter/adserver.exe .click.wisewire.com #.clickhere.egroups.com/img/ .imagine-inc.com .commonwealth.riddler.com/Commonwealth/bin/statdeploy\?[0-9]+ .customad.cnn.com .dagbladet.no/ann-gif .digits.com/wc/ dino.mainz.ibm.de .dn.adzerver.com/image.ad .ds.austriaonline.at .emap.admedia.net .etrade.com/promo/ .eur.yimg.com/a/ .eur.a1.yimg.com/eur.yimg.com/a/ .us.a1.yimg.com/us.yimg.com/a/ .eurosponsor.de #fastcounter.linkexchange.com .flycast.com .focalink.com/SmartBanner .freepage.de/cgi-bin/feets/freepage_ext/.*/rw_banner .freespace.virgin.net/andy.drake .futurecard.com/images/ .gaia.occ.com/click .globaltrack.com .globaltrak.net .go.com/cimages\?SEEK_ .hitbox.com .home.miningco.com/event.ng/.*AdID .hurra.de .hyperbanner.net .icount.com/.*count image*.narrative.com/news/.*\.(gif|jpe?g) .image.click2net.com #image.linkexchange.com .images.nytimes.com .images.yahoo.com/adv/ .images.yahoo.com/promotions/ .imageserv.adtech.de .img.web.de .impartner.de/cgi-bin informer2.comdirect.de:6004/cd/banner2 .infoseek.go.com/cimages .ins.at/asp/images/ .kaufwas.com/cgi-bin/zentralbanner\.cgi #leader.linkexchange.com .link4ads.com .link4link.com .linktrader.com/cgi-bin/ .logiclink.nl/cgi-bin/ lucky.theonion.com/cgi-bin/oniondirectin\.cgi lucky.theonion.com/cgi-bin/onionimp\.cgi lucky.theonion.com/cgi-bin/onionimpin\.cgi #m.doubleclick.net .mailorderbrides.com/mlbrd2\.gif .media.priceline.com .mediaplex.com .members.sexroulette.com .messenger.netscape.com .miningco.com/zadz/ # movielink became moviefone .moviefone.com/.*(banner|newbutton|(ad|poster).*?\.gif|mmail|bytb|h_(guy|showtick|aML)|m_|icon_|NF_.*?back|h_.*?gif|media/(art|imagelinks(/MF.(ad|sponsor)))) mqgraphics.mapquest.com/graphics/Advertisements/ .netgravity. .newads.cmpnet.com .news.com/cgi-bin/acc_clickthru .ngadcenter.net .ngserve.pcworld.com/adgifs/ .nol.at:81 .nrsite.com .nytsyn.com/gifs .offers.egroups.com .pagecount.com .ph-ad*.focalink.com .preferences.com .promotions.yahoo.com .pub.nomade.fr .qsound.com/tracker/tracker.exe .resource-marketing.com/tb/ .revenue.infi.net .rtl.de/homepage/wb/images/ .schnellsuche.de/images/* .shout-ads.com/cgibin/shout.php3 .sjmercury.com/advert/ .smartclicks.com/.*/smart(img|banner|host|bar|site) .smh.com.au/adproof/ .spinbox1.filez.com .static.wired.com/advertising/ .swiftad.com .sysdoc.pair.com/cgi-sys/cgiwrap/sysdoc/sponsor\.gif .t-online.de/home/040255162-001/* .taz.de/taz/anz/ .tcsads.tcs.co.at .teleauskunft.de/commercial/ .thecounter.com/id .tm.intervu.net .tvguide.com/rbitmaps/ .ubl.com/graphics/ .ubl.com/images/ .ultra.multimania.com .ultra1.socomm.net .uproar.com .us.yimg.com/a/ .us.yimg.com/promotions/ .valueclick.com .valueclick.net .victory.cnn.com .videoserver.kpix.com .washingtonpost.com/wp-adv/ .webconnect.net/cgi-bin/webconnect.dll .webcounter.goweb.de .webserv.vnunet.com/ip_img/.*ban .werbung.pro-sieben.de/cgi-bin .whatis.com/cgi-bin/getimage.exe/ www..bigyellow.com/......mat.* www.adclub.net www.addme.com/link8\.gif www.aftonbladet.se/annons www.americanpassage.com/ www.angelfire.com/in/twistriot/images/wish4\.gif www.bizlink.ru/cgi-bin/irads\.cgi www.blacklightmedia.com/adlemur www.bluesnews.com/flameq\.gif www.bluesnews.com/images/ad[0-9]+\.gif www.bluesnews.com/images/gcanim3\.gif www.bluesnews.com/images/throbber2\.gif www.bluesnews.com/miscimages/fragbutton\.gif www.businessweek.com/sponsors/ www.canoe.ca/AdsCanoe/ www.cdnow.com/MN/client.banners www.clickagents.com www.clickthrough.ca www.clicmoi.com/cgi-bin/pub\.exe www.dailycal.org/graphics/adbanner-ab\.gif www.detelefoongids.com/pic/[0-9]* www.dhd.de/CGI/werbepic www.dsf.de/cgi-bin/site_newiac.adpos www.firsttarget.com/cgi-bin/klicklog.cgi www.forbes.com/forbes/gifs/ads www.forbes.com/tool/includes/gifs/ www.fxweb.holowww.com/.*\.cgi www.geocities.com/TimesSquare/Zone/5267/ www.goto.com/images-promoters/ www.handelsblatt.de/hbad www.hotlinks.de/cgi-bin/barimage\.cgi www.infoseek.com/cimages www.infoworld.com/pageone/gif www.isys.net/customer/images www.javaworld.com/javaworld/jw-ad www.kron.com/place-ads/ www.leo.org/leoclick/ #www.linkexchange.ru/cgi-bin/erle\.cgi www.linkstation.de/cgi-bin/zeige www.linux.org/graphic/miniature/ www.linux.org/graphic/square/ www.linux.org/graphic/standard/ www.luncha.se/annonsering www.mediashower.com www.ml.org/gfx/spon/icom/ www.ml.org/gfx/spon/wmv www.musicblvd.com/mb2/graphics/netgravity/ .nedstat.nl/cgi-bin/ www.news.com/Midas/Images/ www.newscientist.com/houseads www.nextcard.com/affiliates/ www.nikkeibp.asiabiztech.com/image/NAIS4\.gif www.nordlys.no/imaker/.*/.*/.*/.....\.gif # alvin brattli www.nordlys.no/imaker/.*/.*/.*/..003 # alvin brattli www.oanda.com/server/banner .omdispatch.co.uk www.oneandonlynetwork.com www.page2page.de/cgi-bin/ www.prnet.de/.*/bannerschnippel/.*\.(gif|jpe?g) www.promptsoftware.com/marketing/ #www.reklama.ru/cgi-bin/banners/ www.riddler.com/sponsors/ www.rle.ru/cgi-bin/erle\.cgi www.rock.com/images/affiliates/search_black\.gif www.rtl.de/search/.*kunde #www.search.com/Banners www.sfgate.com/place-ads/ www.shareware.com/midas/images/borders-btn\.gif #www.sjmercury.com/products/marcom/banners/ www.smartclicks.com:81 www.sol.dk/graphics/portalmenu www.sponsornetz.de/jump/show.exe www.sponsorpool.net www.sunworld.com/sunworldonline/icons/adinfo.sm\.gif www.swwwap.com/cgi-bin/ www.taz.de/~taz/anz/ www.telecom.at/icons/.*film\.(gif|jpe?g) www.theonion.com/bin/ www.topsponsor.de/cgi-bin/show.exe www.ugo.net www.ugu.com/images/EJ\.gif www.warzone.com/pics/banner/ www.warzone.com/wzfb/ads.cgi www.webpeep.com www.websitepromote.com/partner/img/ www.winjey.com/onlinewerbung/*\.gif www.wishing.com/webaudit www.www-pool.de/cgi-bin/banner-pool www2.blol.com/agrJRU\.gif www3.exn.net:80 .yahoo.com/CategoryID=0 .yahoo.de/adv/images #swa www.bannerland.de/click.exe .cyberclick.net .eu-adcenter.net www.web-stat.com www.slate.com/snav/ www.slate.com/redirect/ www.slate.com/articleimages/ .usads.imdb.com www.forbes.com/tool/images/frontend/ www.zserver.com www.spinbox.com .pathfinder.com/shopping/marketplace/images/ /.*/adbanner* /.*/adgraphic* static.wired.com/images .perso.estat.com/cgi-bin/perso/ #dinoadserver1.roka.net .fooladclient*.fool.com .affiliate.aol.com/static/ .cybereps.com:8000 .iadnet.com .orientserve.com .wvolante.com .findcommerce.com .smartage.com # www.sunday-times.co.uk www.sunday-times.co.uk/standing/newsint/ticker #NeXgo (ex Germany.Net) 151.189.8.193 151.189.8.213 # Block as much of GeoCities as possible # All geocities-owned images www.geocities.com/images www.geocities.com/MemberBanners/live/ pic.geocities.com/images # And the popup (it still pops up, but does not eat up precious bandwidth) #www.geocities.com/ad_container/pop.html # already fixed by other regexp # from corion@informatik.uni-frankfurt.de .sam.songline.com/@ .img.getstats.com/ #ads.xmonitor.net/xadengine.cgi # fixed by above regexp # Also block the japanese geocities popups www.geocities.co.jp/images # Also block the come.to, surf.to etc. popups .v3.come.to/pop.asp # Also block the xoom stuff. .xb.xoom.com home.talkcity.com/homepopup.html.* # Max Maischein again ... # Halflife.net uses WON banners # Banners from Freeserve #banner.freeservers.com/cgi-bin/fs_adbar # fixed by above regexp # And those nasty va-popups ! /.*/?va_banner.html # And an all-around hit against advert*.jpg /.*/advert[0-9]+\.jpg # And yet another Internet Explorer gif ... /.*/ie_horiz\.gif # Some uninteresting buttons I think... .mircx.com/images/buttons/ services.mircx.com/.*\.gif # Easyspace - yet another "free disk space" provider with banner popups www.easyspace.com/(fpub)?banner.html www.easyspace.com/100\.gif # Some russian banner exchanges .banner.ricor.ru/cgi-bin/banner.pl #www.bizlink.ru/cgi-bin/irads.cgi # already fixed by other regexp stx9.sextracker.com/stx/send/ # And even more of geocities : www.geocities.com/pictures/ # Gaah - www.angelfire.com - another webspace provider with popups .angelfire.com/sys/download.html # Gamasutra.com uses this ad provider sally.songline.com/@ # Eule.de (search engine) # maybe images.eule.de as a whole... www.eule.de/cgi-bin/ images.eule.de/comdirect\.gif images.eule.de/wp\.gif .aladin.de/125_1\.gif images.eule.de/neu/books\.gif # -------------------------------------------------------------------------- # # some images # # -------------------------------------------------------------------------- # some images on cnn's website just suck! /.*cnnstore\.gif /.*book.search\.gif /.*cnnpostopinionhome.\.gif /.*custom_feature\.gif /.*explore.anim.*gif /.*infoseek\.gif /.*pathnet.warner\.gif /.*images/cnnfn_infoseek\.gif /.*images/pathfinder_btn2\.gif /.*img/gen/fosz_front_em_abc\.gif /.*img/promos/bnsearch\.gif /.*navbars/nav_partner_logos\.gif /BarnesandNoble/images/bn.recommend.box.* /digitaljam/images/digital_ban\.gif /hotstories/companies/images/companies_banner\.gif /markets/images/markets_banner\.gif /ows-img/bnoble\.gif /ows-img/nb_Infoseek\.gif .cnn.com/images/custom/totale\.gif .cnn.com/images/lotd/custom.wheels\.gif .cnn.com/images/.*/by/main.12\.gif .cnn.com/images/.*/find115\.gif .cnn.com/.*/free.email.120\.gif .cnnfn.com/images/left_banner\.gif .focus.de/A/AF/AFL/ www.cnn.com/images/.*/bn/books\.gif www.cnn.com/images/.*/pointcast\.gif www.cnn.com/images/.*/fusa\.gif .cnn.com/images/.*/start120\.gif images.cnn.com/SHOP/ /.*by/main\.gif /.*gutter117\.gif /.*barnes_logo\.gif # the / indicates the beginning of the path (and no longer the FQDN) /.*nbclogo\.gif /.*microdell\.gif /.*secureit\.gif # /gif/buttons/banner_ /gif/buttons/cd_shop_ /gif/cd_shop/cd_shop_ani_ #altavista /av/gifs/av_map\.gif /av/gifs/av_logo\.gif /av/gifs/new/ns\.gif altavista.com/i/valsdc3\.gif jump.altavista.com/gn_sf # tucows tucows./images/locallogo\.gif # #mt_freshmeat\.jpg # simpliemu.hypermart.net/frames.html .go2net.com/mgic/adpopup .go2net.com/metaspy/images/exposed\.gif .go2net.com/metaspy/images/ms_un\.gif # www.cebu-usa.com/cwbanim1\.gif www.cebu-usa.com/Connection\.jpg www.cebu-usa.com/phonead\.gif www.cebu-usa.com/ban3\.jpg www.cebu-usa.com/tlban\.gif www.cebu-usa.com/apwlogo1\.gif www.cebu-usa.com/rose\.gif # fnet www.fnet.de/img/geldboerselogo\.jpg # hirsch@mathcs.emory.edu /images/getareal2\.gif www.assalom.com/aziza/logos/cniaffil\.gif www.assalom.com/aziza/logos/4starrl1\.gif www.phantomstar.com/images/media/m1\.gif # .wahlstreet.de/MediaW\$/tsponline\.gif .wahlstreet.de/MediaW\$/dzii156x60\.gif .wahlstreet.de/MediaW\$/etban156x60_2_opt2\.gif # linuxtoday.com /pics/gotlx1\.gif /pics/getareal1\.gif /pics/amzn-b5\.gif /ltbs/cgi-bin/click.cgi .linuxtoday.com/ltbs/pics/ # Geocities popups /ad[-_]container/ /include/watermark/v2/ # Reinier Bikker # Banner.xxLINK.nl/ # Mark Lutz /.*/*werb.*\.(gif|jpe?g) # hope that's not to restrictive #Free Yellow thing at bottom of pages (HereticPC) www.freeyellow.com/images/powerlink5a\.gif www.freeyellow.com/images/powerlink5b\.gif www.freeyellow.com/images/powerlink5c\.gif www.freeyellow.com/images/powerlink5d\.gif www.freeyellow.com/images/powerlink5e\.gif #HereticPC www.eads.com/images/refbutton\.gif www.fortunecity.com/console2/newnav/* www.goldetc.net/search\.gif www.cris.com/~Lzrdking/carpix/cars3-le\.gif www.justfreestuff.com/scott\.gif www.cyberthrill.com/entrance\.gif secure.pec.net/images/pec69ani\.gif www.new-direction.com/avviva\.gif /.*internetmarketingcenter\.gif www.new-direction.com/wp-linkexchange-loop\.gif www.new-direction.com/windough\.gif www.digitalwork.com/universal_images/affiliate/dw_le_3\.gif service.bfast.com/bfast/click/* www.new-direction.com/magiclearning\.gif www.new-direction.com/mailloop\.gif www.free-banners.com/images/hitslogo\.gif rob.simplenet.com/dyndns/fortune5\.gif .nasdaq-amex.com/images/bn_ticker\.gif # # navilor@hotmail.com # # # wayne@staff.msen.com # a*.*.*.yimg.com/([0-9]*|\/)*us.yimg.com/* #ad.doubleclick.net www.dnps.com/ads www.realtop50.com/cgi-bin/ad # www.yacht.de/images/(my_ani|eissingani|chartertrans|fum|schnupper|fysshop|garmin)\.gif www.sponsorweb.de/web-sponsor/nt-bin/show.exe # # Club-internet pops up a complain if you refuse cookie (still pops up...) perso.club-internet.fr/html/Popup/popup_frame_nocookie.html perso.club-internet.fr/pagesperso/popup_nocookie.html .gmx.net/images/newsbanner/ .cash4banner.de .quicken.lexware.de/images/us7-468x60.gif /img/special/chatpromo\.gif www.travelocity.com/images/promos/ # wonder that that does... .p01.com/1x1.dyn #/*.*/phpAds/viewbanner.php #/*.*/phpAds/phpads.php www.linux-magazin.de/banner .comtrack.comclick.com .click-fr.com .iac-online.de/filler .media.interadnet.com .stat.www.fi/cgi-bin /cgi/banners.cgi .ads-digi.sol.no .fp.buy.com .disneystoreaffiliates.com .powerwork.mobile.de/cgi-bin/getimage\.cgi #################################################### # Jon's addition: # # The Register ads - oh, and all images in Register stories (sigh). www.theregister.co.uk/media/ # Dilbert: www.dilbert.com/comics/dilbert/images/.*_140x800.*\.gif # stattrack.com # Uses URL: http://www.stattrack.com/cgi-bin/stats/image.cgi /cgi-bin/stats/ # And loads JavaScript from http://www.stattrack.com/stats/code www.stattrack.com/stats/ #Now they're Yahoo GeoCities, their junk is in a different place. ##geo.yahoo.com/serv ##visit.geocities.com/visit.gif .yimg.com/.*/www.geocities.com/js_source #http://us.toto.geo.yahoo.com/toto?s=76001086 .geo.yahoo.com .visit.geocities.com .yimg.com/.*/www.geocities.com/ #http://counter16.bravenet.com/counter.php counter*. #http://stat.cybermonitor.com/7emezone_p?1707_USdvd stat*. #http://members.tripod.com/adm/popup/..... members.tripod.com/adm/popup/ #This is the worst ad idea ever! #count.exitexchange.com/exit/1100661 #count.exitexchange.com/clients/navbar.html #(used in http://skyhivisuals.tripod.com/malfunctions_.htm) .exitexchange.com #SourceForge ads. sfads.osdn.com #This site traps the browser .webhideout.com #privacy.net runs ads .a.consumer.net #Lindsay.Marshall@newcastle.ac.uk suggested these, to kill Opera adverts: www.qksrv.net mirror.qkimg.net #js dinoadserver*.roka.net logout.gmx.net logout.tvspielfilm.de gmx.tvspielfilm.de www.freenet.de/customerindex\.html /.*/phpAds .fxweb.com/v2-trackrun\.cgi rtldating.peopleunited.de .advertising.com www.zdnet.com/fcgi-bin/ service.bfast.com/bfast/serve 199.172.144.25 fourohfour.nbci.com/Members404Error.php3 .adtech.de .adlink.de www.fair-ist-mehr.de/cgi-bin/bt.pl .linkexchange. /.*/adpage.asp /ADS .net-on.net rstrip.namezero.com 62.26.220.2 .doubleclick.net .adserver.yahoo.com ############################################################################# {-block} ############################################################################# include.ebay.com cpan.valueclick.com www.userfriendly.org/images/banners/banner_dp_heart\.gif #Why were these in the Waldherr blockfile? #www.hitbox.com #a*.*.*.yimg.com/([0-9]|\/)*us.yimg.com/i/* # some regexps are simply too aggressive ... # # equalizer to /*.*(.*[-_.])?ads?[0-9]?(/|[-_.].*|.(gif|jpe?g)) # or other regexps # # .adamwhone.co.uk #adsl.tin.it .stsci.edu .tgs.com .sun.com .povray.org .admin. .ad.siemens.de # SIEMENS Automation & Drives #add-url.altavista.com .adis.on.ca #address*.*.* #address*.*.*.* ad[ud]*. advice. # univ. don't advertise, do they :-) .edu .ac.uk # English Universities too! - Jon .uni-*.de # What about Germany? --oes www.ugu.com/sui/ugu/adv adfa.edu.au adsl*. clubs.yahoo.com/clubs edit.my.yahoo.com/config/show_identity www.ix.de/newsticker/data/ad www.heise.de/newsticker/data/ad www.careernet.de/anzeige www.careernet.de/bewerber/stellenanzeigen www.baumgartner.de/stellenmarkt/anzeigen www.dspartner.de/Anzeigen www.aws-jobs.de/Anzeigen www.jobware.de/.*/anzeigen/ www.jobworld.de/bilder/ www.cnn.com/TECH/computing/.*/internet.ads/ www.financial.de/shop/ .gnn.de/.*\.html www.auktionen.de 194.221.152.2/phptelefontmp .harvard.edu/images/banner/ .adswww.harvard.edu www.dhd.de/CGI/anzeigen/ .ads.web.de/web/ .img.web.de/web/img/ www.segel.de/menu/bilder/anzeigen\.gif www.corel.com/graphics/banners/ www.software.ibm.com/ad/ www.omg.org/docs/ad/ .sperrmuell.de/scripts/anzeigen www.freenet.de/index.html www.01019freenet.de/index.html www.freenet.de/freenet/ www.01019freenet.de/freenet/ webfactory.de/anzeigen.php www.cdmag.com www.internatif.org/bortzmeyer/debian/sponsor/ .hp.com www.software.hosting.ibm.com/ad/ www.ibm.com/software/ad/ .brickshelf.com www.debian.org/Pics/banner-blue\.gif www.linux.de/pics/Nachrichten_banner\.gif www.werbekurier.de finder.shopping.yahoo.com/shop/ .national.com/pf .mozilla.org .eidos.de .e-sheep.com .punkassgear.com .mozilla.org .mozillazine.org .adbusters.org .annoy.com .consumer-direct.com www.iez-auktion.de .ibm.com .sgi.com # my banking stuff => no ads. .comdirekt.de .comdirect.de .teledata.de # Jon's addition: MSDN .msdn.microsoft.com #js .adbusters.com .freemail*.web.de/online/ordner/anzeigen foggy.sda.t-online.de .us.i1.yimg.com/us.yimg.com/i/pim/ad2.gif www.nexgo.de/.*/bg_banner.jpg prdownloads.sourceforge.net # End of file