Privacybadger: List of blocked CDNs

Created on 22 Aug 2017 · 12Comments · Source: EFForg/privacybadger

The following is a list of CDNs that I noticed are being blocked (red) by default. I haven't noticed them breaking anything (unless they've been reported separately), but I figured I'd report anyway since I thought PB is not supposed to block CDNs.

cdn.engine.4dsply.com
keyframe-cdn.abcnews.com
video-cdn.abcnews.com
acdn.adnxs.com
cdn.adnxs.com
aka-cdn.adtechus.com
aka-cdn-ns.adtechus.com
cdn.altitude-arena.com
cdn.districtm.ca
cdn.dynamicyield.com
cdn1.editmysite.com
cdn2.editmysite.com
cdn.flashtalking.com
cdn.gigya.com
cdn1.gigya.com
cdn2.gigya.com
cdn3.gigya.com
cdns.gigya.com
cdns2.gigya.com
cdns.eu1.gigya.com
cdn.gowatchit.com
cdn1.graphiq.com
h-cdn.com
perr.h-cdn.com
player.h-cdn.com
cdn-gl.imrworldwide.com
cdnapisec.kaltura.com
cdnsecakmi.kaltura.com
cdn.komoona.com
cdn.krxd.net
secure-hwcdn.libsyn.com
lightboxcdn.com
www.lightboxcdn.com
maxcdn.com
oss.maxcdn.com
twemoji.maxcdn.com
cdn.meme.am
cdn-akamai.mookie1.com
cdn.lib.newsvine.com
cdn.onesignal.com
cdn-api.ooyala.com
videocdn-pmd.ora.tv
videocdn-pmd-embed.ora.tv
bento.cdn.pbs.org
ga.video.cdn.pbs.org
cdn.playbuzz.com
cdn.prizma.tv
cdn2.pubexchange.com
cdn.rawgit.com
rlcdn.com
idsync.rlcdn.com
rc.rlcdn.com
tap2-cdn.rubiconproject.com
cdn-static.sigalert.com
cdn-tiles.sigalert.com
sucdn.sphereup.com
cdn.springserve.com
cdn.statuspage.io
cdn.stickyadstv.com
swiftypecdn.com
s.swiftypecdn.com
cdn.taboola.com
cdn.taboolasyndication.com
tapatalk-cdn.com
cdn.teads.tv
ad-cdn.technoratimedia.com
cdn.tinypass.com
cdn.transifex.com
cdn.turn.com
ad2.cdns.turn.com
img.cdns.turn.com
cdn.tynt.com
cdn.undertone.com
ams-ucdn01.ustream.tv
bud-ucdn01.ustream.tv
cdngw.ustream.tv
sjc-ucdn11.ustream.tv
static-cdn1.ustream.tv
static-cdn2.ustream.tv
tcdn.ustream.tv
cdn.vidible.tv
mtc.cdn.vine.co
v.cdn.vine.co
cdn.w55c.net
cdn1.wibbitz.com
cdn3.wibbitz.com
cdn4.wibbitz.com
cdn7.wibbitz.com
cdn9.wibbitz.com
cdn.yldbt.com

heuristic migrations task

Source

terrorist96

All 12 comments

Should check if any of these are served by Cloudflare and were blocked because of __cfduid (#1538).

ghostwords on 22 Sep 2017

👍1

Here are the Cloudflare CDNs from the above list (copied to list.txt) I got using the following Bash snippet (makes a GET to "/" of each domain and sees if __cfduid is in the response headers):

for domain in $(cat list.txt); do curl -Iv -m10 "$domain" 2>&1 | grep -q __cfduid && echo "$domain"; done | sort

cdn1.graphiq.com
cdn2.pubexchange.com
cdn.districtm.ca
cdn.engine.4dsply.com
cdn.onesignal.com
cdn.prizma.tv
cdn.tinypass.com
cdn.tynt.com
lightboxcdn.com
www.lightboxcdn.com

ghostwords on 22 Sep 2017

I noticed emoji.tapatalk-cdn.com wasn't in your list but tapatalk-cdn.com was. The "emoji" subdomain does use Cloudflare; the base domain does not resolve to anything.

ghostwords on 22 Sep 2017

cdn.datatables.net is red by default too. this breaks websites using datatables!

Chamaeleon- on 5 Dec 2017

👍1

cdn.datatables.net should be fixed as part of #1538.

ghostwords on 7 Dec 2017

Previously: #363.

ghostwords on 10 Feb 2018

twemoji.maxcdn.com will affect websites that uses https://github.com/twitter/twemoji emoji images will not be displayed properly. I'd suggest to remove this from the blocklist.

ouchxp on 12 Sep 2018

Hi @ouchxp! Privacy Badger doesn't use blocklists; Privacy Badger learns what to block by watching which domains appear to track you as you browse.

Regarding Twitter Emoji: Please subscribe to #2009 to get notified of when we fix this for everybody. In the meantime you can fix this for yourself by visiting Privacy Badger's options page, selecting the Tracking Domains tab, searching for twemoji.maxcdn.com, and setting the domain to "yellow".

ghostwords on 12 Sep 2018

👍1

Is there any basis on why these CDNs are blocked?
The 7 blocked gigya CDNs are blocked of which one is used by TUI travel agency. I googled on "Gigya Account" which links me to this page:
https://developers.gigya.com/display/GD/accounts.login+REST

I understand it's a SAP Cloud-based platform for Customer data.

Are there any specific concerns about tracking by Gigya or any other entities other than the website or company using the Gigya platform to base their web-platform on?

brampat on 25 Apr 2019

Hello @brampat, apologies for the late reply.

Privacy Badger works by watching third-party domains and noting when they appear to track you as you browse the Web. If your Privacy Badger sees a domain perform tracking on three separate websites, it will start blocking that domain. Does that help explain why Gigya is blocked?

Are you asking because blocking Gigya breaks something somewhere? Could you file a broken site report so that we could take a look? If you do, I should be able to explain exactly why Gigya gets blocked.

ghostwords on 15 May 2019

Add stackpathcdn.com to your list of CDN's that are interfered with by Privacy Badger. Not sure what can be done to address the issues this causes with first party site functionality.