Merge https://notabug.org/sidetracked/cloudflare-tor

2025-03-31 04:20:56 +00:00 · 2019-05-05 15:23:01 -04:00 · 2019-05-05 15:23:01 -04:00 · 0f3c764bd7
commit 0f3c764bd7
parent bb0503944b 2f7816e6b4
21 changed files with 293 additions and 80 deletions
--- a/NEWS.md
+++ b/NEWS.md
@ -1,3 +1,19 @@
 *2019.03.13*
@thexpaw@birdsite:
 ```
 So why did I get that email anyway if I'm opted out of all email communication in the account settings?
 Which part of the privacy policy allows you to share data with marketing crap like trustpilot?
 ```
 https://twitter.com/thexpaw/status/1108424723233419264
 *2019.03.12*
 ```Cool new tool : Cloud Firewall```
 https://framapiaf.org/@gkrishnaks/101727497214557035
 *2019.03.03*
 ```
--- a/PEOPLE.md
+++ b/PEOPLE.md
@ -7,7 +7,7 @@ format:
 	"[TITLE](https://full.link/blog.html)" by [Who](Link)
 Sort:
-	New article: top
+	Recent article: top
 Disqualify:
 	- Cloudflared website
@ -23,10 +23,26 @@ Disqualify:
 "[Don’t Use Cloudflare Because You Impose This on People Who Least Want It](http://techrights.org/2019/02/17/the-cloudflare-trap/)" by [Dr. Roy Schestowitz](http://techrights.org/)
 "[Cloudflare: The bad, the worse and the ugly?](http://webschauder.de/cloudflare-the-bad-the-worse-and-the-ugly/)" by [Alle Beiträge](http://webschauder.de/author/jw/)
 "[I don’t trust Cloudflare with IPFS](https://blog.kareldonk.com/i-dont-trust-cloudflare-with-ipfs/)" by [Karel Donk](https://blog.kareldonk.com/)
 "[Cloudflare IPFS experiment](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/cloudflare-IPFS-experiment.html)" by [Joe](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/index.html) - ([archive](http://archive.fo/139z1))
 "[Don't Trust CloudFlare](https://write.lain.haus/thufie/dont-trust-cloudflare)" by [@lunaterra@cyberia.social](https://cyberia.social/@lunaterra)
 "[Stay away from CloudFlare](http://www.unixsheikh.com/articles/stay-away-from-cloudflare.html)" by [Unix Sheikh](http://www.unixsheikh.com/)
 "[Support End-to-End Encryption on the Web](https://www.wordfence.com/blog/2017/03/support-end-to-end-encryption/)" by [Mark Maunder](https://www.wordfence.com/)
 "[Journal CloudFlare au milieu](https://linuxfr.org/users/thibg/journaux/cloudflare-au-milieu)" by [ThibG](https://linuxfr.org/)
 "[why you shouldn’t use Cloudflare](https://tech.tiq.cc/2016/01/why-you-shouldnt-use-cloudflare/)" by [tiq](https://tech.tiq.cc/)
 "[The CloudFlare MITM](https://web.archive.org/web/20160311163431/https://blog.paymium.com/2014/02/19/the-cloudflare-mitm/)" by [David FRANCOIS](https://blog.paymium.com/)
 "[Allergique à Cloudflare ? Voici comment vous soigner…](https://korben.info/cloudflare-mitm.html)" by [KORBEN](https://korben.info/)
 "[CloudFlare, We Have A Problem](http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/)" by [joepie91](http://cryto.net/~joepie91/)
 "[On Cloudflare](https://www.tyil.nl/post/2017/12/17/on-cloudflare/)" by [tyil](https://www.tyil.nl/)
@ -45,4 +61,8 @@ Disqualify:
 "[Ditch Cloudflare - Broken HTTPS/MiTM](https://greysec.net/showthread.php?tid=1256)" by [NO-OP](https://greysec.net/member.php?action=profile&uid=47)
 "[Cloudflare as a Security Risk - Support - Whonix Forum](http://forums.whonix.org/t/cloudflare-as-a-security-risk/2162)" by [entr0py](https://forums.whonix.org/u/entr0py)
 "[How likely is it that CloudFlare is an NSA operation?](https://www.quora.com/How-likely-is-it-that-CloudFlare-is-an-NSA-operation/answer/Hamid-Sarfraz)" by quora
 "[cloudflare 是如何转发 HTTPS 流量的？](https://www.v2ex.com/t/406759)" by [feast](https://www.v2ex.com/member/feast)
--- a/README.md
+++ b/README.md
@ -16,19 +16,31 @@ And their DNS service, [1.1.1.1](https://1.1.1.1/), is also filtering out users
 ![](image/dnscensor.jpg)
 And here you might think, "_I am not using Tor or VPN, why should I care?_".
 If you visit website which use Cloudflare, you are sharing your information not only to website owner _but also Cloudflare_.
 It is impossible to analyze without [decrypting TLS traffic](https://github.com/nym-zone/block_cloudflare_mitm_fx/issues/15#issuecomment-354773389). Cloudflare knows all your data such as raw password.
 [Cloudbeed](https://en.wikipedia.org/wiki/Cloudbleed) can happen anytime.
 Do you really want to share your data with Cloudflare, and also 3-letter agency?
 ![](image/dhssaid.jpg)
 ---
 This repository is a list of websites that are behind The Great Cloudwall, and also actively blocking Tor users.
-List
+Domain list
 * [Domains using Cloudflare](split/)
 * [Non-Cloudflare but filtering/blocking Tor users](not_cloudflare/)
 Information
-* [Padlock icon indicates a secure SSL connection established w MitM-ed](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835)
+* [Padlock icon indicates a secure SSL connection established w MitM-ed](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835) by Anonymous
-* [Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351)
+* [Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351) by nym-zone
-* [Problem with CloudFlare](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544)
+* [Problem with CloudFlare](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544) by libBletchley
-
+* [Criticism and controversies](https://en.wikipedia.org/wiki/Cloudflare#Criticism_and_controversies) by Wikipedia
 There are more details of why what they are doing is wrong available [here](cloudflare-philosophy.md).
 Also see [Frequently Asked Questions](faq.md).
@ -44,7 +56,7 @@ Also see [Frequently Asked Questions](faq.md).
 * Add WTF-Cloudflare news to [NEWS.md](NEWS.md)
 * Search something on [Searxes Tor](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) or [clearnet](https://searxes.danwin1210.me/) (this will help collecting Searxes' "MITM domains")
 * Take a look at [add-on code](ismitmlink/) (how to use "MITM test API")
-* Subscribe to an ![](image/feed.png) RSS feed: "[The Great Cloudwall News](https://searxes.danwin1210.me/collab/open/getrss.php?q=tmg1news)" or follow ![](image/mstdn.jpg) [crimeflare@ieji.de](https://ieji.de/@crimeflare)
+* Subscribe to ![](image/feed.png) RSS feed: "[The Great Cloudwall News](https://ieji.de/users/crimeflare.rss)" or follow ![](image/mstdn.jpg) [crimeflare@ieji.de](https://ieji.de/@crimeflare)
 ![WTF](image/wtfcf.jpg)
--- a/cloudflare_owned_NS.txt
+++ b/cloudflare_owned_NS.txt
@ -1,62 +1,101 @@
 abby.ns.cloudflare.com
 adrian.ns.cloudflare.com
 aida.ns.cloudflare.com
 alan.ns.cloudflare.com
 albert.ns.cloudflare.com
 alex.ns.cloudflare.com
 alina.ns.cloudflare.com
 alla.ns.cloudflare.com
 amanda.ns.cloudflare.com
 amber.ns.cloudflare.com
 amy.ns.cloudflare.com
 andy.ns.cloudflare.com
 anna.ns.cloudflare.com
 apollo.ns.cloudflare.com
 arch.ns.cloudflare.com
 aria.ns.cloudflare.com
 art.ns.cloudflare.com
 asa.ns.cloudflare.com
 athena.ns.cloudflare.com
 austin.ns.cloudflare.com
 ben.ns.cloudflare.com
 bella.ns.cloudflare.com
 ben.ns.cloudflare.com
 beth.ns.cloudflare.com
 bob.ns.cloudflare.com
 brit.ns.cloudflare.com
 chan.ns.cloudflare.com
 coby.ns.cloudflare.com
 coco.ns.cloudflare.com
 cody.ns.cloudflare.com
 cory.ns.cloudflare.com
 darwin.ns.cloudflare.com
 dee.ns.cloudflare.com
-dom.ns.cloudflare.com
+demi.ns.cloudflare.com
 dina.ns.cloudflare.com
 dom.ns.cloudflare.com
 dora.ns.cloudflare.com
 dorthy.ns.cloudflare.com
 drew.ns.cloudflare.com
 duke.ns.cloudflare.com
 ed.ns.cloudflare.com
 edna.ns.cloudflare.com
 elinore.ns.cloudflare.com
 elmo.ns.cloudflare.com
 emma.ns.cloudflare.com
 etta.ns.cloudflare.com
 fay.ns.cloudflare.com
 foo.ns.cloudflare.com
 fred.ns.cloudflare.com
 gabe.ns.cloudflare.com
 gail.ns.cloudflare.com
 glen.ns.cloudflare.com
 guy.ns.cloudflare.com
 hank.ns.cloudflare.com
 heather.ns.cloudflare.com
 hugh.ns.cloudflare.com
 ian.ns.cloudflare.com
 igor.ns.cloudflare.com
 iris.ns.cloudflare.com
 jasmine.ns.cloudflare.com
 jeff.ns.cloudflare.com
 jerry.ns.cloudflare.com
 jill.ns.cloudflare.com
 jim.ns.cloudflare.com
 john.ns.cloudflare.com
 jonah.ns.cloudflare.com
 josh.ns.cloudflare.com
 kate.ns.cloudflare.com
 kevin.ns.cloudflare.com
 kim.ns.cloudflare.com
 kip.ns.cloudflare.com
 leah.ns.cloudflare.com
 lee.ns.cloudflare.com
 leia.ns.cloudflare.com
 lex.ns.cloudflare.com
 lily.ns.cloudflare.com
 lucy.ns.cloudflare.com
 matt.ns.cloudflare.com
 max.ns.cloudflare.com
 megan.ns.cloudflare.com
 melinda.ns.cloudflare.com
 miki.ns.cloudflare.com
 nelly.ns.cloudflare.com
 newt.ns.cloudflare.com
 nina.ns.cloudflare.com
 norm.ns.cloudflare.com
 norman.ns.cloudflare.com
 olga.ns.cloudflare.com
 pam.ns.cloudflare.com
 paul.ns.cloudflare.com
 pete.ns.cloudflare.com
 peyton.ns.cloudflare.com
 rachel.ns.cloudflare.com
 rick.ns.cloudflare.com
 rob.ns.cloudflare.com
 rose.ns.cloudflare.com
 seth.ns.cloudflare.com
 sofia.ns.cloudflare.com
 tegan.ns.cloudflare.com
 terin.ns.cloudflare.com
 theo.ns.cloudflare.com
 zoe.ns.cloudflare.com
--- a/cloudflare_owned_domains.txt
+++ b/cloudflare_owned_domains.txt
@ -6,6 +6,7 @@ cloudflare-quic.com
 cloudflare.com
 cloudflare.com.ve
 cloudflare.net
 workers.dev
 cloudflareapi.com
 cloudflareapps.com
 cloudflarechallenge.com
--- a/image/dhssaid.jpg
+++ b/image/dhssaid.jpg
--- a/image/matthew_prince.jpg
+++ b/image/matthew_prince.jpg
--- a/instructions.md
+++ b/instructions.md
@ -72,7 +72,9 @@ IMPORTANT: Please add only "Base Domain"
 | -------- | -------- |
 | list_error403.txt     | Returns HTTP Error 403 (Forbidden)     |
 | list_customerror.txt     | Returns custom error message (not HTTP 403)     |
-| list_other.txt     | (not necessary?)    |
+| list_other.txt     | any other form of tor-hostility or mistreatment |
 | list_siteground.txt | siteground.com is a Tor-hostile hosting service that indiscriminately DoSes all Tor users with the collective judgement: "our system thinks you might be a robot!" Sometimes the site functions, and sometimes it times out, but the robot accusation is very common. |
 | list_formerly_tor-hostile.txt | was previously on one of the above tor-hostile lists |
 ```
 IMPORTANT: Please add only "Base Domain" or "(base domain)[space](comment here)"
@ -93,4 +95,4 @@ Add them to [/not_cloudflare/](not_cloudflare/) (formerly "*TorBlocker Hall of S
 This is a collection of websites that ban Tor exits, other than through Cloudflare(e.g. showing access denied pages, systematic timing out connections, ...).
-[This add-ons](https://addons.mozilla.org/en-US/firefox/addon/which-website-rejected-me/) will help your list_error403 collection.
+[This add-ons](https://addons.mozilla.org/en-US/firefox/addon/which-website-rejected-me/) will help your list_error403 collection.
--- a/ismitmlink/bg.js
+++ b/ismitmlink/bg.js
@ -1,7 +1,16 @@
-const apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
+let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
-let mymemory = {};
+let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php';
-function ismitm(f) {
+fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/hi.php', {
 	method: 'GET',
 	mode: 'cors'
 }).then(r => r.text()).then(r => {
 	if (r == 'hi') {
 		apiurl = TORapiurl;
 	}
 }).catch(() => {});
 function is_infected(f) {
 	return new Promise((g, b) => {
 		fetch(apiurl, {
 			method: 'POST',
@ -10,9 +19,7 @@ function ismitm(f) {
 				'Content-Type': 'application/x-www-form-urlencoded'
 			},
 			body: 'f=' + f
-		}).then(function (r) {
+		}).then(r => r.json()).then(r => {
 			return r.json();
 		}).then(function (r) {
 			if (r[0]) {
 				g(r[1]);
 			} else {
@ -22,29 +29,49 @@ function ismitm(f) {
 	});
 }
-browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
+function i_already_know_you(f) {
-	if (request && sender) {
+	if (!/^([a-z0-9_.-]{1,255})\.([a-z]{2,80})$/.test(f)) {
-		if (mymemory[request] != undefined) {
+		return false;
 			let rlt = mymemory[request];
 			if (Object.keys(mymemory).length > 20000) {
 				let cnt = 1;
 				for (let t in mymemory) {
 					if (cnt > 10) {
 						break;
 					}
 					mymemory[t] = null;
 					delete mymemory[t];
 					cnt++;
 				}
 			}
 			browser.tabs.sendMessage(sender.tab.id, [request, rlt]);
 		} else {
 			ismitm(request).then(function (a) {
 				mymemory[request] = a;
 				browser.tabs.sendMessage(sender.tab.id, [request, a]);
 			}, function () {
 				browser.tabs.sendMessage(sender.tab.id, [request, false]);
 			});
 		}
 	}
-});
+	return new Promise((g, b) => {
 		browser.storage.local.get(f).then((ff) => {
 			if (ff[f]) {
 				if (ff[f] == 'y') {
 					g(1);
 				} else {
 					g(-1);
 				}
 			} else {
 				g(0);
 			}
 		}, () => {
 			g(0);
 		});
 	});
 }
 function i_remember_you(f, t) {
 	browser.storage.local.set({
 		[f]: ((t) ? 'y' : 'n')
 	});
 }
 browser.storage.local.clear().then(() => {
 	browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
 		if (request && sender) {
 			i_already_know_you(request).then((r) => {
 				if (r == 1 || r == -1) {
 					browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]);
 				}
 				if (r == 0) {
 					is_infected(request).then((a) => {
 						i_remember_you(request, a);
 						browser.tabs.sendMessage(sender.tab.id, [request, a]);
 					}, () => {
 						browser.tabs.sendMessage(sender.tab.id, [request, false]);
 					});
 				}
 			}, () => {});
 		}
 	});
 }, () => {});
--- a/ismitmlink/cs.js
+++ b/ismitmlink/cs.js
@ -1,32 +1,32 @@
-if (document.body) {
+if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
-	if (!['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
+	let cs = (function () {
-		let cs = (function () {
+		let s = document.createElement('style');
-			let s = document.createElement('style');
+		document.head.appendChild(s);
-			document.head.appendChild(s);
+		return s.sheet;
-			return s.sheet;
+	})();
-		})();
+	if (cs) {
-		if (cs) {
+		cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
-			cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
+		cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1);
-			cs.insertRule("a[data-mitm]::after{content:'[MITM!]';font-weight:bold}", 1);
+		cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2);
-		}
+		cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
 		let asked = [location.hostname, 'searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'];
 		document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
 			let aF = (new URL(a.href)).hostname;
 			if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3}))$/.test(aF) && !asked.includes(aF)) {
 				asked.push(aF);
 				browser.runtime.sendMessage(aF);
 			}
 		});
 		browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
 			if (request.length == 2) {
 				if (request[1]) {
 					document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
 						a.dataset.mitm = 1;
 						a.title = 'MITM!';
 					});
 				}
 			}
 			sendResponse(null);
 		});
 	}
 	let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'];
 	document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
 		let aF = (new URL(a.href)).hostname;
 		if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
 			asked.push(aF);
 			browser.runtime.sendMessage(aF);
 		}
 	});
 	browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
 		if (request.length == 2) {
 			if (request[1]) {
 				document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
 					a.dataset.mitm = 1;
 					a.title = 'DANGER! DANGER! MITM!';
 				});
 			}
 		}
 		sendResponse(null);
 	});
 }
--- a/ismitmlink/manifest.json
+++ b/ismitmlink/manifest.json
@ -2,9 +2,13 @@
   "manifest_version": 2,
   "name": "Are links vulnerable to MITM attack?",
   "description": "Scan FQDN using Searxes' API",
-   "version": "1.0.2",
+   "version": "1.0.4",
   "homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink",
   "author": "Maslin Bossé",
-   "permissions": [],
+   "permissions": [
      "storage",
      "unlimitedStorage"
   ],
   "icons": {
      "32": "icons/32.png"
   },
--- a/not_cloudflare/README.md
+++ b/not_cloudflare/README.md
@ -1,4 +1,5 @@
 # Which websites are hostile to Tor users?
 Don't block us!
-Don't block us!
+See [instructions.md](file://../instructions.md) for file purpose and format specifications.
--- a/not_cloudflare/get_fqdn_tmg1.php
+++ b/not_cloudflare/get_fqdn_tmg1.php
@ -0,0 +1,23 @@
 <?php
 //License: WTFPL
 define('F_INPUT','noncloudflarelist.txt');
 define('F_OUTPUT','fqdnlist.txt');
 if (!file_exists(F_INPUT)){
 	die('File not found');
 }
 $result = array();
 foreach(explode("\n",file_get_contents(F_INPUT)) as $t){
 	$t = explode(' ',$t)[0];
 	if (preg_match("/^([a-z0-9-\.]{1,255})\.([a-z]{2,40})$/",$t)){
 		$result[] = $t;
 	}
 }
 $result = array_unique($result);
 file_put_contents(F_OUTPUT,implode("\n",$result));
 echo('Done');
--- a/not_cloudflare/list_customerror.txt
+++ b/not_cloudflare/list_customerror.txt
@ -1,9 +1,11 @@
 abclive.in
 aboutdebian.com
 adidas.de
 adsabs.harvard.edu
 aidspolicyproject.org
 airbnb.com
 Akamai
 Akamai's
 altcoins.com
 amazon.com
@ -30,6 +32,7 @@ blocktrail.com
 bloglovin.com
 bloomberg.com
 bodhizazen.net
 busbud.com
 casw-acts.ca
 cc.gatech.edu
 cessfull.com
@ -92,6 +95,7 @@ forums.linuxmint.com
 forums.whirlpool.net.au
 forum.synology.com
 foxnews.com
 Freenode
 gchq.gov.uk
 geizhals.at
 gemal.dk
@ -123,6 +127,7 @@ koelnspd.de
 leblogdebetty.com
 lenovo.com
 libertygb.org.uk
 lifewire.com
 linuxquestions.org
 livejournal.com
 loebner.net
@ -138,15 +143,18 @@ meaningness.com
 midtnmusic.com
 mixcloud.com
 moodle.org
 mosquitomagnet.com
 motorcyclecruiser.com
 mottweilerstudio.com
 n2value.com
 nacns.org
 nakedcapitalism.com
 nbnco.com.au
 nemlog-in.dk/login.aspx/noeglekort
 nepalmonitor.org
 netbank.com.au
 networktools.nl
 NetZone
 newark.com
 newgrounds.com
 news.ycombinator.com
@ -211,6 +219,8 @@ technologyreview.com
 thecultureblend.com
 thegrommet.com
 theislamicseminary.org
 thespruceeats.com
 thoughtco.com
 ti.com
 tineye.com
 tocloud.com
@ -237,6 +247,7 @@ vpforums.org
 walmart.com
 wayfair.com
 wbai.org
 webstix.com
 weforum.org
 whatthefuckshouldimakefordinner.com
 whiterose.samizdata.net
--- a/not_cloudflare/list_error403.txt
+++ b/not_cloudflare/list_error403.txt
@ -1,7 +1,10 @@
 abebooks.com
 ajc.com
 asus.com
 bitvps.com
 caot.ca
 captaintrain.com
 catbox.moe
 dluat.com
 europa.eu
 expo2015.org
@ -12,15 +15,26 @@ geocaching.com
 gutenberg.org
 hot-topic.co.nz
 hubpages.com
 intra.ruc.dk
 irs.gov
 knowyourmeme.com
 lastword.at
 libertymutual.com
 logon.e-boks.dk
 moodle.ruc.dk
 no2nsa.x10.bz
 republicbuzz.com
 rijksoverheid.nl
 safeco.com
 securifi.com
 signon.ruc.dk
 singpolyma.net
 stadssb.ruc.dk
 stefanv.com
 study.com
 theverge.com
 tomshardware.com
 wayfair.com
 wigle.net
 wikidevi.com
 witopia.net
--- a/not_cloudflare/list_formerly_tor-hostile.txt
+++ b/not_cloudflare/list_formerly_tor-hostile.txt
@ -0,0 +1,11 @@
 20-kudk.queue-it.net 403
 europa.eu            403
 gutenberg.org        403
 hot-topic.co.nz      403
 rijksoverheid.nl     403
 stefanv.com          403
 tomshardware.com     403
 usa.gov              customerror
 wigle.net            403
 wikidevi.com         403
 witopia.net          403
--- a/not_cloudflare/list_other.txt
+++ b/not_cloudflare/list_other.txt
@ -1 +1,3 @@
-(add FQDN here)
+borger.dk Click "Digital Post" and get redirected to nemlog-in.dk, which tells Tor users "A technical error has occurred."
 botsin.space The admin don't care Tor users. Tor user can't login or register at all.
 chase.com The bank gives you an opportunity to provide your login creds and then denies the user access and locks their credit card account permanently for "using an unauthorized device".  The action is irreversible, and card holders must sign up for a new card with new number if they want service.
--- a/not_cloudflare/list_siteground.txt
+++ b/not_cloudflare/list_siteground.txt
@ -0,0 +1,2 @@
 livingmoldfree.com
 thewimpyvegetarian.com
--- a/split/cloudflare_a.txt
+++ b/split/cloudflare_a.txt
@ -59123,6 +59123,7 @@ advisory.business
 advisorycloud.com
 advisory.co.uk
 advisory-count.review
 advisoryexcellence.com
 advisorygroupmkt.com
 advisoryhq.com
 advisoryhq.xyz
--- a/split/cloudflare_l.txt
+++ b/split/cloudflare_l.txt
@ -80907,6 +80907,7 @@ lhzqjmget.cn
 l-hzqpdf.cf
 lhzttz.com
 lhzxc.com
 li.me
 li02.com
 li0516os.com
 li09.com
--- a/what-to-do.md
+++ b/what-to-do.md
@ -72,9 +72,11 @@ If Cloudflare leak your information, it's not our fault. [*]
 | [Block Cloudflare MITM Attack](https://trac.torproject.org/projects/tor/attachment/ticket/24351/block_cloudflare_mitm_attack-1.0.14.1-an%2Bfx.xpi) | nullius | [Link](https://github.com/nym-zone/block_cloudflare_mitm_fx) | **Yes**     | **Yes**     |
 | [Are links vulnerable to MITM?](https://addons.mozilla.org/en-US/firefox/addon/are-links-vulnerable-to-mitm/) | Maslin Bossé | [Link](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink) | No     | **Yes**     |
 | [Third-party Request Blocker (AMO)](https://addons.mozilla.org/en-US/firefox/addon/tprb/) | Searxes #Addon | [Link](https://searxes.danwin1210.me/) | **Yes**     | **Yes**     |
-| [TPRB](https://searxes.danwin1210.me/collab/tprb0/get_tprb0.php) | Sw | [Link](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/___go.php?go=sw) | **Yes**     | **Yes**     |
+| [TPRB](https://sw.skusklxqaqnrmszytky4vfyrg625erw4hqhiokyc2ufnokd2aitb47yd.onion/) | Sw | [Link](https://sw.skusklxqaqnrmszytky4vfyrg625erw4hqhiokyc2ufnokd2aitb47yd.onion/) | **Yes**     | **Yes**     |
 | [Detect Cloudflare](https://addons.mozilla.org/en-US/firefox/addon/detect-cloudflare/) | Frank Otto | [Link](https://github.com/traktofon/cf-detect) | No     | **Yes**     |
 | [Cloud Firewall](https://addons.mozilla.org/en-US/firefox/addon/cloud-firewall/) [*] | Gokulakrishna Sudharsan | [Link](https://gitlab.com/gkrishnaks/cloud-firewall/) | **Yes** | No |
 [*] Do not use it if you're using proxy/VPN/Tor because it has "[DNS leak](https://en.wikipedia.org/wiki/DNS_leak)".
 - Convince your friends to use [Tor Browser](https://www.torproject.org/) on the daily basis. Anonymity should be the standard of the open internet!
@ -96,6 +98,12 @@ If Cloudflare leak your information, it's not our fault. [*]
 - Do you need HTTPS certificate? Use "[Let's Encrypt](https://letsencrypt.org/)" or just buy it from CA company.
 - Do you need DNS server? Can't set up your own server? Then how about [Dyn.com](https://dyn.com/dns/), [Hurricane Electric Free DNS](https://dns.he.net/) or [this](https://freedns.afraid.org/)?
 - Looking for hosting service? "Free" only? Well, [how about this](https://www.reddit.com/r/webdev/comments/5m8tr4/how_do_i_host_the_website_i_just_built/dc1qpk7/)?
 - Are you using "cloudflare-ipfs.com"? Do you know [Cloudflare IPFS is bad](https://ieji.de/@crimeflare/101779952797884218)?
 - Install Web Application Firewall (such as OWASP) and Fail2Ban on _your_ server and configure it _properly_.
 - Set up [Tor Onion Service](https://www.torproject.org/docs/onion-services.html.en) or I2P insite if you believe in freedom and welcome anonymous users.
@ -132,12 +140,20 @@ Let's talk about _other software's privacy_...
 - PaleMoon developer [loves Cloudflare](https://github.com/mozilla-mobile/focus-android/issues/1743#issuecomment-345993097).
 - Waterfox actively using [Cloudflare on their servers](https://www.digwebinterface.com/?hostnames=www.waterfoxproject.org&type=A&ns=resolver&useresolver=8.8.4.4&nameservers=) and their software have [severe "phones home" problem](https://spyware.neocities.org/articles/waterfox.html).
 - Chrome is a [spyware](https://www.gnu.org/proprietary/malware-google.en.html).
- Brave Browser [whitelist Facebook/Twitter trackers](https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/).
+- SRWare Iron make too many [phones home connection](https://spyware.neocities.org/articles/iron.html). It also connect to google domains.
 - Brave Browser [whitelist Facebook/Twitter trackers](https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/). Here's [more issues](https://spyware.neocities.org/articles/brave.html).
 - Microsoft Edge lets Facebook [run Flash code behind users' backs](https://www.zdnet.com/article/microsoft-edge-lets-facebook-run-flash-code-behind-users-backs/).
 - Vivaldi [does not respect your privacy](https://spyware.neocities.org/articles/vivaldi.html).
 Therefore we recommend "Tor Browser" only. Nothing else.
 ------------
 ###### "Mozilla Firefox" user
@ -164,9 +180,17 @@ Let's talk about _other software's privacy_...
 ![](image/firefoxdns.jpg)
- If you really need to use non-ISP DNS, consider using [OpenNIC Tier2 DNS service](https://wiki.opennic.org/start).
+- If you would like to use non-ISP DNS, consider using [OpenNIC Tier2 DNS service](https://wiki.opennic.org/start)
 ![](image/opennic.jpg) or any of non-Cloudflare DNS services.
-![](image/opennic.jpg)
+- You can use Tor as DNS resolver. If you're not Tor expert, [ask question here](https://tor.stackexchange.com/).
 > **How?**
 > 1. Download [Tor](https://www.torproject.org/) and install it on your computer.
 > 2. Add this line to "torrc" file. [DNSPort description](https://www.torproject.org/docs/tor-manual.html.en).
 > DNSPort 127.0.0.1:53
 > 3. Restart Tor.
 > 4. Set your computer's DNS server to "127.0.0.1".
 - Tell us if you see [this functionality](https://ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/) start to creep up beyond Firefox Nightly into more stable versions of Firefox.
@ -190,6 +214,8 @@ Let's talk about _other software's privacy_...
 - Let us know of any alternatives to help at least provide multiple layered defence against Cloudflare.
 - If you are a Cloudflare customer, set your privacy settings, and wait for them to violate them.  Then bring them under [anti-spam / privacy violation charges](https://twitter.com/thexpaw/status/1108424723233419264).
 - Try using [globalist](globalist.txt) to maintain this list.
 - If you are in the **United States of America** and the website in question is a bank or an accountant, try to bring legal pressure under the [Gramm–Leach–Bliley Act](https://en.wikipedia.org/wiki/Gramm%E2%80%93Leach%E2%80%93Bliley_Act), or the [Americans with DIsabilities Act](https://www.ada.gov/cguide.htm) and report back to us how far you get.
		`@ -0,0 +1,2 @@`
							`livingmoldfree.com`
							`thewimpyvegetarian.com`