# blacklisted hosts of the form "127.0.0.1 hostname.tld" appened to /etc/hosts
# 127.0.0.1	www.ahostnamethatyouwanttoblackholebutwillneveractuallyseeontheinternet.net
# https://krebsonsecurity.com/2014/01/deconstructing-the-9-84-credit-card-hustle/
127.0.0.1	callscs.in
127.0.0.1	cewebcs.com
127.0.0.1	cs-casa.com
127.0.0.1	cewcs.com
127.0.0.1	eduacc.in
127.0.0.1	educs.in
127.0.0.1	eetsac.com
127.0.0.1	etosac.com
127.0.0.1	feosac.com
127.0.0.1	foculu.com
127.0.0.1	homecs.in
127.0.0.1	iawcs.com
127.0.0.1	iewcs.com
127.0.0.1	livecs.in
127.0.0.1	netcs.in
127.0.0.1	ntccs.in
127.0.0.1	ntsupp.com
127.0.0.1	onwsac.com
127.0.0.1	premcs.in
127.0.0.1	profcs.com
127.0.0.1	quikcs.com
127.0.0.1	sacluc.com
127.0.0.1	sacsis.com
127.0.0.1	sewcs.com
127.0.0.1	suppcs.in
127.0.0.1	tdwcs.com
127.0.0.1	techcs.in
127.0.0.1	vagacs.com
127.0.0.1	webcs.in

# https://guardianapp.com/ios-app-location-report-sep2018.html
127.0.0.1	api.areametrics.com
127.0.0.1	in.cuebiq.com
127.0.0.1	et.intake.factual.com
127.0.0.1	api.factual.com
127.0.0.1	api.beaconsinspace.com
127.0.0.1	api.huq.io
127.0.0.1	m2m-api.inmarket.com
127.0.0.1	mobileapi.mobiquitynetworks.com
127.0.0.1	sdk.revealmobile.com
127.0.0.1	api.safegraph.com
127.0.0.1	incoming-data-sense360.s3.amazonaws.com
127.0.0.1	ios-quinoa-personal-identify-prod.sense360eng.com
127.0.0.1	ios-quinoa-events-prod.sense360eng.com
127.0.0.1	ios-quinoa-high-frequency-events-prod.sense360eng.com
127.0.0.1	v1.blueberry.cloud.databerries.com
127.0.0.1	pie.wirelessregistry.com

# Blocking this domain breaks CNN app live streaming -- send to nginx blackhole
# To diagnose:
# tcpdump -e -ttt -i en0 -w my-iPad-cnn-3128.pcap src my-iPad or dst my-iPad
# grep -a 'URL: <a' < my-iPad-cnn-3128.pcap | perl -lne 's/^.*URL: <a href="https?:\/\/([-\w.]+)\/?.*?">.*$/\1/; print;' | uniq
127.0.0.1:8119	bea4.v.fwmrm.net