AdguardVPN sketchy DNS requests. - eviltoast

After the discussion in the following post I dug a bit deeper the rabbit hole.

While I mostly relied on Exodus to see if an app has trackers in it… I was baffle to see all the sketchy requests it made while dumping the DNS requests with PCAPdroid

Over 200 shady requests in a few seconds after login… here’s a preview:

While I don’t use AdguardVPN, I have Adguard Home as my DNS server in my homelab… I think It’s time to switch to pi-hole !

Edit: VPN pcapdroid

    • N0x0n@lemmy.mlOP
      link
      fedilink
      arrow-up
      9
      ·
      edit-2
      8 months ago

      Hummm… These are probably normal request for the “average user”, but not for privacy advocates from this community:

      37.120.218.14 33across.com

      33Across has over 15 years of experience building identity resolution technology, programmatic monetization, and audience segmentation through big data and a global first-party publisher foundation. Future-proofing the industry’s addressable infrastructure, 33Across provides direct access to critical signals that power privacy-safe …

      193.19.204.51 usc1-gcp-v61.api.snapchat.com

      Snapchat’s Marketing API

      66.203.113.242 match.prod.bidr.io/

      Match.prod.bidr.io. Match.prod.bidr.io is an application for Chrome, Firefox, Edge and other Windows browsers that can annoy you with hundreds of pop-up ads, banners and promotional messages. In addition to that, Match.prod.bidr.io may automatically redirect your web searches to pre-defined web pages that generate pay-per-click revenue.

      212.102.40.187 init.supersonicads.com

      init.supersonicads.com is ‘s script. Going forward, it’s going to need help adding value to your business’ marketing efforts. Since 2017, this script has been at least 20-25% less effective than you think. Why? Because privacy-first browsing is here. This is a game changer for scripts like init.supersonicads.com and businesses like yours …

      Just to name a few… The list goes on… If this doesn’t raises an eyebrow of suspicion, than the privacy community is probably useless…

      Also, most of those links are blocked by default by uBlock origin.

      Edit: Why would a VPN application make a request to tiktokcdn.com.c.bytefcdn-oversea.com ? Okay It’s “just” a CDN, but why In the hell tiktok? I have never used any of those sketchy apps why would It need to go to tiktok or snapchat?