Assign client tags automatically based on the clients behavior

[ameshkov]

Now that we have ctag modifier support, we should think about how to assign at least some of the tags automatically. At least we could assign os_* and device_* tags.

Here's what I suggest:

1. Create a ctag detector module that checks DNS queries and tries to figure out what the client's OS might be judging by its activity.
2. When we are sure that the client's OS is X.
3. Remember that the client may represent multiple different devices. If the client activity signals that there are different operating systems or devices in use, assign multiple tags.
4. Add a setting to the UI: "Add client tags automatically".

Activity marker

Every time a device connects to the network it connects to a number of home servers. This statement is true for every OS and I believe that this "marker" can help us detect the device type automatically.

Now, to do this we need to figure out what these "activity markers" for each OS/device might be and we need help with that.

How can you help us

Please do the following:

1. Make sure that your device uses AdGuard Home
2. Disconnect it from the network
3. Connect it to the network again
4. Wait for 30 seconds, do nothing while waiting
5. Get the list of domains requested by this device
6. Post the following here or send it to [email protected]: the list of domains requested, your device info (OS type, OS version, device model).

[AnthonyBe]

Amazon Echo Smart Speaker:
ntp-g7g.amazon.com
dp-rsm-prod.amazon.com
spectrum.s3.amazonaws.com
api.amazonalexa.com
device-metrics-us.amazon.com (blocked by AG Simple DNS filter)

There are many others, but the above are the more unique ones and they are polled regularly by my Echo devices.

[AnthonyBe]

Nest Protect (smoke detector)
weave-logsink.nest.com
czfe106.front01.iad01.production.nest.com

[AnthonyBe]

Hisense Smart TV
api-gps-em.hismarttv.com
auth-em.hismarttv.com
msg-em.hismarttv.com
api-launcher-em.hismarttv.com
auth-launcher-em.hismarttv.com
unified-ter-na.hismarttv.com
upgrade-em.hismarttv.com

[AnthonyBe]

SiliconDust HDHomeRun network TV tuner device
tuner-api.hdhomerun.com
location-api.hdhomerun.com

[AnthonyBe]

LIFX Smart light
v2.broker.lifx.co

[AnthonyBe]

Sensibo Smart Air Conditioner controller
new-emq.sensibo.com
new-config.sensibo.com

[AnthonyBe]

Foxtel cable/satellite set top box
_xmpp-client._tcp.managed.xmpp.foxtel.com.au
managed.xmpp.foxtel.com.au
foxtel-prod-events.digitalsmiths.net
e2.resources.foxtel.com.au
a1.resources.foxtel.com.au

[AnthonyBe]

Yamaha AV Receiver
avpro.global.yamaha.com

[AnthonyBe]

Netatmo smart home device
netcom.netatmo.net

[AnthonyBe]

Smart Lock - OEM digital key solution used by Ring.com, Kwikset, Nest and others
tumblergsprod.unikey.com

[AnthonyBe]

Wink Smart home controller
hub-api.wink.com

[AnthonyBe]

SolarEdge Inverter
prod2.solaredge.com

[AnthonyBe]

VELUX ACTIVE indoor climate control device
nv2-nxg.netatmo.net

[AnthonyBe]

Underfloor Heating Thermostat
owd5-r1099-thermostat.ojelectronics.com

OJElectronics is an OEM used by many brands of underfloor heating systems

[DandelionSprout]

Some of those entries posted by AnthonyBe above (which, let's be very honest, could and should have been posted in one single comment instead of 14) seems like a good fit for Perflyst's smart-TV list. I could submit them to it myself.

For the rest of them, some sort of smarthome-specific list would've had to be made, of which none are known to exist at the time of writing.

[ameshkov]

@AnthonyBe thank you so much!

@DandelionSprout well, the goal is not to add them to some blocklist but to use these domains as a "marker" of the device type

[DandelionSprout]

Ah, that explains it.

Also makes me feel slightly embarrassed for having automatically assumed that all of those entries were tracking/ad domains suitable for Perflyst. 😅

At least it's not much difficult to remove entries from his lists that'd be critical for unit functionality, though I only own Yamaha receivers among those units I took care of previously.

[hoshsadiq]

Sony TVs seem to be connecting to these:

||ad8641f3cff742de893d919add74c2bb.ssm1.internet.sony.tv^$important
||ad8641f3cff742de893d919add74c2bb.ssm2.internet.sony.tv^$important
||call.me.sel.sony.com^$important

These two can be generically pointed to TV device:

||reporting-tv1-live.youview.tv^$important
||reporting-tv1.youview.tv^$important

[TXC]

Philips Hue
diagnostics.meethue.com
dcp.dc1.philips.com
www.ecdinterface.philips.com

IKEA Trådfri
webhook.logentries.com

Synology NAS
checkip.synology.com
frlp.lp.cs.quickconnect.to

[DandelionSprout]

• Note to self: The following domains are not supposed to be blocked.
• Note to everyone: * is a wildcard for 2-letter country codes.

PlayStation 3:
a0.ww.np.dl.playstation.net
ena.net.playstation.net
feu01.ps3.update.playstation.net
getprof.*.np.community.playstation.net
iv0001-npxs01001-00.auth.np.ac.playstation.net
native-ps3.np.ac.playstation.net
nsx-e.np.dl.playstation.net
sf.prod.sonyentertainmentnetwork.com
static-resource.np.community.playstation.net
trophy.ww.np.community.playstation.net
trophy01.np.community.playstation.net
ubstorage01.ww.np.community.playstation.net
updptl.*.np.community.playstation.net
us.np.stun.playstation.net
*.np.adproxy.ndmdhs.com

Wii U:
account.nintendo.net
discovery.olv.nintendo.net
ecs.wup.shop.nintendo.net
ias.wup.shop.nintendo.net
mii-secure.account.nintendo.net
nncs1.app.nintendowifi.net
nncs2.app.nintendowifi.net
nppl.app.nintendo.net
npts.app.nintendo.net
nus.wup.shop.nintendo.net
pushmore.wup.shop.nintendo.net
tagaya.wup.shop.nintendo.net
wup-o2fgs.cdn.nintendo.net
npvk.app.nintendo.net

Nintendo 3DS (in 3DS mode):
ctr-adqj-live.s3.amazonaws.com
ctr-o2fgs.cdn.nintendo.net
hpp-00051600-l1.n.app.nintendowifi.net
hpp-00178800-l1.n.app.nintendowifi.net
l-npns.app.nintendo.net
nasc.nintendowifi.net
npdl.cdn.nintendowifi.net
nppl.c.app.nintendowifi.net
npul.c.app.nintendowifi.net
nus.c.shop.nintendowifi.net
pubeu-p.est.c.app.nintendowifi.net
tagaya-ctr.cdn.nintendo.net

T-We Boks II (Telenor Norway's main set-top box) (Also applies to T-We Boks 1 and T-We Boks Mini from the 24th of April 2020):
p-sdp-fe.tvs.telenor.net
p-sdp-mqtt.tvs.telenor.net
p-sdp-sso.tvs.telenor.net
tnfba-static.telenorcdn.net
tnfba-static2.telenorcdn.net
tnfba-stream-od.telenorcdn.net
ntp.online.no
d2emmtcqemyhm9.cloudfront.net

LG webOS TVs (Tested with LG 43UH603V):
*.rdx2.lgtvsdp.com
lgtvonline.lge.com
snu.lge.com
*.info.lgsmartad.com
*.lgtvsdp.com
(Various garbled letter combinations of between 8 and 15 letters)

Yamaha RX-V685 (Likely also applies to other receivers in the RX-Vx8x generations, especially RX-Vx85):
3573112786.airable.io
avpro.global.yamaha.com
avs.na.amazonalexa.com
ntp.airable.io
spectrum.s3.amazonaws.com

EPSON Eco-Tank ET-4550:
p01.epsonconnect.com
x01.epsonconnect.com

[ameshkov]

Btw, what about your phones? It's rather easy to detect iOS, but Android may be tricky because of the different manufacturers.

[AnthonyBe]

I've got a Samsung Galaxy S10+ running Android 10.
I rebooted it and checked the AGH logs to see what things stood out that in combination may help identify it:

points to Android device
android.clients.google.com
android.googleapis.com
time.android.com

points to Samsung device
sspapi-prd.samsungrs.com
api.samsungcloud.com
capi.samsungcloud.com
vas.samsungapps.com
us-auth2.samsungosp.com
acs.samsungmdec.com
nms-m0-ase1.samsungmdec.com
es-central-ase1.samsungmdec.com
acs-central-ase1.samsungmdec.com
pcscf1-c0-ase1.samsungmdec.com
pcscf2-c0-ase1.samsungmdec.com
pcscf3-c0-ase1.samsungmdec.com

points to Vodafone carrier provided handset
supl.vodafone.com

there was a lot of other *.googleapis.com stuff but that could be indicative of any Google app on any device.

[DandelionSprout]

Both of my current phones use LineageOS 14, so while my findings wouldn't be able to detect specific manufacturers, I suppose I could look into it nevertheless later today.

[DandelionSprout]

Trying to remember which apps on my Android 7.1.2 main phone that were Android-exclusive and which ones weren't, was rather difficult, but here's my findings for Android:

android.googleapis.com
in.appcenter.ms
firebaseinstallations.googleapis.com
android.clients.google.com
firebaseremoteconfig.googleapis.com
firebase-settings.crashlytics.com
play.googleapis.com
mighty-app.appspot.com
semanticlocation-pa.googleapis.com
googlehomefoyer-pa.googleapis.com
download.lineageos.org
dl.xposed.info
dl-xda.xposed.info
appsitemsuggest-pa.googleapis.com
os-*.storage.googleapis.com

If I find additional domains that seem to be specific to Android, I'll then update this comment.

[devinslick]

Rachio Irrigation Controller
pool.ntp.org
a3bmbcwe3hybwy.iot.us-west-1.amazonaws.com

Wyzecam
api.wyzecam.com
wyze-device-alarm-file.s3.us-west-2.amazonaws.com
gm.iotcplatform.com
cm.iotcplatform.com
time-a.nist.gov
a24rq1e5m4mtei-ats.iot.us-west-2.amazonaws.com

HarmonyHub
home.myharmony.com
sus.dhg.myharmony.com
ps-823.pubnub.com
svcs.myharmony.com
cf-svcs.myharmony.com

Tplink wifi switch
pool.ntp.org
time-a.nist.gov
deventry.tplinkcloud.com
devs.tplinkcloud.com
use1-api.tplinkra.com

Envisalink EyezOn
alerts2.envisacor.com

Some devices, like the the Rachio device listed above, may be difficult to identify based on their limited queries. Would correlating the manufacturer, based on the MAC address be useful, or possible?
Using this information you could see that the Rachio controller (44:91:60:00:00:00) was created by Murata Manufacturing Co., Ltd.
This would obviously require use of AGH as a DHCP server.

[IthildinX]

Xiaomi Air Purifier 2s(小米空氣淨化器2S)
api.miwifi.com
ot.io.mi.com

Mijia Smart AI Alarm Clock(小米小爱智能闹钟)
relay-dcm.ai.xiaomi.com

MiAiSoundbox(小爱触屏音箱)
api.ai.xiaomi.com
app.chat.xiaomi.net
broker.miwifi.com
relay-dcm.ai.xiaomi.com
app.chat.xiaomi.net
resolver.msg.xiaomi.net

zimi-powerstrip(米家智能插线板) & chuangmi-plug-m1/m3(米家智能插座wifi版/增強版)
ott.io.mi.com
ot.io.mi.com

dmaker-fan(米家直流變頻落地扇1X)
ot.io.mi.com
dlg.io.mi.com

[HorayNarea]

I have not a list of domains but more a domain-pattern: *hbbtv* indicates some kind of smart-TV

Edit:
A more specific regex would be ^hbbtv\.* as many stations (at least here in germany) publish their HbbTV content on this subdomain

[emlimap]

Amazon Firestick 4K

fireoscaptiveportal.com
aftv-xx-amazon-aftmm-xx.eu.api.amazonvideo.com (Where XX are numbers)
kinesis.us-east-1.amazonaws.com
<random characters & numbers>.eu.api.amazonvideo.com
api.amazon.com
arcus-uswest.amazon.com
msh.amazon.co.uk
msh.amazon.com
aviary.amazon.de
ktpx-uk.amazon.com
avs-alexa-18-eu.amazon.com
unagi-eu.amazon.com
spectrum.s3.amazonaws.com
aax-eu.amazon-adsystem.com
kraken-measurements.s3-external-1.amazonaws.com
mas-ext-eu.amazon.com
mas-sdk.amazon.com

Note: amazonvideo.com is also used by their apps on Smart TV's.

TP-Link Wifi Smart plug (HS100)

n-devs.tplinkcloud.com
time.nist.gov
pool.ntp.org

Denon DRA-800H (Network media player)

production.ws.skyegloup.com
v2.firmware.denon.jp

[zero77]

@ameshkov
Thia may be of help:
https://nmap.org/book/osdetect-fingerprint-format.html

[DandelionSprout]

Linux in general:

flathub.org
dl.flathub.org
download.opensuse.org
archive.canonical.com
packages.linuxmint.com
repo.protonvpn.com
security.ubuntu.com
_http._tcp.download.opensuse.org
_http._tcp.archive.canonical.com
_http._tcp.security.ubuntu.com
_http._tcp.packages.linuxmint.com
_https._tcp.repo.protonvpn.com
fedoraproject.org
nts.ntp.se (Often used on an opt-in basis in ntpsec, which is Linux-exclusive)
mirrors.rpmfusion.org
downloads.raspberrypi.org
archive.raspberrypi.org
archive.debian.org
snapshot.debian.org
ftp.debian.org
archive.archlinux.org
aur.archlinux.org
deb.torproject.org
deb.debian.org
cdn-fastly.deb.debian.org
aa037rv1tsaszxi6o.api.met.no (Used in GNOME's weather app)
samba (sic)
fr2.rpmfind.net
turnkeylinux.org
www.mirrorservice.org
archive.raspbian.org
download1.rpmfusion.org
ftp.archlinux.org
downloads.apache.org
downloads.openmandriva.org
start.fedoraproject.org
connectivity-check.ubuntu.com
cinnamon-spices.linuxmint.com
de.archive.ubuntu.com
ubuntu.mirror.tudos.de
deb.goaccess.io
_http._tcp.de.archive.ubuntu.com
_https._tcp.deb.goaccess.io
api.snapcraft.io
canonical-lgw01.cdn.snapcraftcontent.com
es.archive.ubuntu.com
esm.ubuntu.com
apt.sourcefabric.org
ftp.es.debian.org
debian.map.fastlydns.net
_http._tcp.security.debian.org

[DandelionSprout]

Android in general (alongside those of #1468 (comment)):

geomobileservices-pa.googleapis.com
telephonyspamprotect-pa.googleapis.com
android.pool.ntp.org
0.android.pool.ntp.org
1.android.pool.ntp.org
2.android.pool.ntp.org
3.android.pool.ntp.org
time.android.com
remotedesktop-pa.googleapis.com
adaway.org
blokada.org
subscriptionsmanagement-pa.googleapis.com
instantmessaging-pa.googleapis.com
offlinepages-pa.googleapis.com
android.bugly.qq.com
argo.svcmot.com (Primarily Motorola/Lenovo phones)
speechs3proto2-pa.googleapis.com
android-api-de.gumtree.com
telemetry.sdk.inmobi.com
api-in-orc.v-mate.mobi
api.v-mate.mobi
api16-access-gcp.pangle.io
log.apk.v-mate.mobi
tracking.intl.miui.com
beacons4.gvt2.com
pubsub.googleapis.com
optimizationguide-pa.googleapis.com
phonedeviceverification-pa.googleapis.com
sdk-android.ad.smaato.net
vapi.apk.v-mate.mobi
play-fe.googleapis.com
android-safebrowsing.google.com
footprints-pa.googleapis.com
play-lh.googleusercontent.com
beacons.gvt2.com
ogs.google.com
voledevice-pa.googleapis.com
cryptauthdevicesync.googleapis.com
deviceintegritytokens-pa.googleapis.com
playatoms-pa.googleapis.com
beacons.gcp.gvt2.com
vdemedo2-android.mobile-messenger.intercom.com
gllto.glpals.com

! Samsung phones
glb-odc.samsungapps.com
eu-api.samsungpositioning.com
vas.samsungapps.com
api-samsung.swypeconnect.com
data-private.samsunghealth.com
dc.dqa.samsung.com
api-diagmon.samsungdm.com
samsungbuiasr.vlingo.com
sdk.pushmessage.samsung.com
bixby-client.aibixby.com
api.glb.samsung-gamelauncher.com
config-api.internet.apps.samsung.com
runa.pushmessage.samsung.com
api.rb.sbixby.com
pf-hpx-us1.mpay.samsung.com
diagmon-serviceapi.samsungdm.com
vn-odc.samsungapps.com
shealth-social-api.samsunghealth.com
shealth-analytics-api.samsunghealth.com
samsappsbn.vo.llnwd.net
ureca.samsungapps.com

! Xiaomi phones
api.account.xiaomi.com
data.mistat.intl.xiaomi.com
weatherapi.intl.xiaomi.com
us.galleryapi.micloud.xiaomi.net
account.xiaomi.com
api.zhuti.intl.xiaomi.com
resolver.msg.global.xiaomi.net
app.chat.global.xiaomi.net
global.market.xiaomi.com
find.api.micloud.xiaomi.net
us.statusapi.micloud.xiaomi.net
sgp2.xmssdn.micloud.xiaomi.net
us.pdc.micloud.xiaomi.net
us.wifiapi.micloud.xiaomi.net
us.sfsapi.micloud.xiaomi.net
api.g.micloud.xiaomi.net
id.video.intl.xiaomi.com
us.micardapi.micloud.xiaomi.net
us.contactapi.micloud.xiaomi.net

! Huawei phones (May or may not overlap with Huawei's consumer websites)
consumer-res.huawei.com
consumer-img.huawei.com
cbg.huawei.com
consumer.huawei.com
ccpce-sg.consumer.huawei.com
shop-apiserver.huawei.com
s01.huaweifile.com
iforum-sg.c.huawei.com
itrinity-sg.c.huawei.com

! LineageOS
download.lineageos.org
stats.lineageos.org
not-used.com

! Amazon Fire
tablet.ntp-fireos.com
fireoscaptiveportal.com
consumer-api.eu-west-1.prod.fire-card.devices.a2z.com

! F-Droid
f-droid.org
guardianproject.info
apt.izzysoft.de
rfc2822.gitlab.io
android.pilight.org
mobileapp.bitwarden.com
fdroid.bromite.org
pkg.tox.chat
fdroid.cgeo.org
fdroid.a3.pm
fdroid.heartshine.xyz
fdroid.fedilab.app
fdroid.fluffychat.im
fdroid.frostnerd.com
f-droid.i2p.io
store.nethunter.com
fdroid.partidopirata.com.ar
fdroid.rakshazi.me
fdroid.getsession.org
fdroid.twinhelix.com
unofficial-protonmail-repository.gitlab.io
www.droidware.info
fdroid.videlibri.de
guardianproject-wind.s3.amazonaws.com
fdroid.zevvle.com

! Truecaller
premium-se1.truecaller.com
notifications5-eu.truecaller.com
account-eu.truecaller.com
presence-grpc-eu.truecaller.com
company-profile-eu.truecaller.com

! FitBit
android-cdn-api.fitbit.com
android-api.fitbit.com

! Opera Mini
global-turbo2-1.opera-mini.net
global-turbo2.opera-mini.net
mini5.opera-mini.net

! MX Player
androidc.mxplay.com
androidapi.mxplay.com

! Netflix
android.prod.ftl.netflix.com
android-appboot.netflix.com

! Pixelberry Studios games?
choicesapilive-android.pixelberrystudios.com
lp-choicesapilive-android.pixelberrystudios.com

api-proxy.nevo.app (Nevolution)
firefox-android-home-recommendations.getpocket.com (Firefox)
iptvdroid.monster (OLA TV?)
sdk-android.ad.smaato.net (Unknown)
in.airtel.rcs.telephony.goog (Airtel phone provider)

[DandelionSprout]

Windows 10 PCs:

download.windowsupdate.com
v10.events.data.microsoft.com
cxcs.microsoft.net
fp-as-nocache.azureedge.net
activity.windows.com
array501.prod.do.dsp.mp.microsoft.com
array511.prod.do.dsp.mp.microsoft.com
geo.prod.do.dsp.mp.microsoft.com
kv501.prod.do.dsp.mp.microsoft.com
cp501.prod.do.dsp.mp.microsoft.com
disc501.prod.do.dsp.mp.microsoft.com
displaycatalog.mp.microsoft.com
ieonline.microsoft.com
ctldl.windowsupdate.com
go.microsoft.com
bsy9e7pgs8.execute-api.us-west-2.amazonaws.com
checkappexec.microsoft.com
self.events.data.microsoft.com
settings-win.data.microsoft.com
continuum.dds.microsoft.com
collections.md.mp.microsoft.com
msftconnecttest.com
time.windows.com
api.edgeoffer.microsoft.com
livetileedge.dsx.mp.microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
pti.store.microsoft.com
umwatson.events.data.microsoft.com
licensing.mp.microsoft.com
pti.store.microsoft.com
nav.smartscreen.microsoft.com
checkappexec.microsoft.com
client.wns.windows.com
bgpdefault-chg.msedge.net
tsfe.trafficshaping.dsp.mp.microsoft.com
msedge.b.tlu.dl.delivery.mp.microsoft.com
msedge.f.dl.delivery.mp.microsoft.com
geover.prod.do.dsp.mp.microsoft.com
storecatalogrevocation.storequality.microsoft.com

! Microsoft Office 365 (Confirmed to *not* overlap with Office for Android. May or may not overlap with macOS.)
nleditor.osi.office.net
onedriveclucproddm20025.blob.core.windows.net
uci.cdn.office.net
binaries.templates.cdn.office.net
augloop.office.com

! «Movies & TV» (May or may not overlap with Xbox X/S/One)
mvr-player.rec.mp.microsoft.com
ratingsedgefd.dsx.mp.microsoft.com
activation2.playready.microsoft.com

! Ubisoft Connect (Windows-exclusive app)
public-ubiservices.ubi.com
ubisoft-avatars.akamaized.net
channel-service.upc.ubi.com
ecom-cdn.ubi.com
news-page-themes-api.a.upc.ubisoft.com
100015380.collect.igodigital.com

! 3DMark (The domains in question are presumed Windows-exclusive)
commons.ul.com
futuremark.onfastspring.com
benchmarks.formtitan.com

www.videosoftdev.com (VSDC Video Editor updates)
www.aomeitech.com (AOMEI Partition Assistant updates)
www.disk-partition.com (AOMEI Partition Assistant updates)
liveupdate.gocyberlink.com (CyberLink PowerDVD 16 updates)
patchmypc.net (PatchMyPC updates)
sumatrapdfreader.com (SumatraPDF updates)
evoke-windowsservices-tas-msedge-net.e-0009.e-msedge.net (Microsoft Edge)

[DandelionSprout]

Nintendo Switch:

812569155361-datastore-nex-ecs.s3.amazonaws.com
aauth-lp1.ndas.srv.nintendo.net
app-b05.lp1.npns.srv.nintendo.net
app.lp1.five.nintendo.net
aqua.hac.lp1.d4c.nintendo.net
assets-cdn-live.share.srv.nintendo.net
bcat-list-lp1.cdn.nintendo.net
bcat-topics-lp1.cdn.nintendo.net
broker.lp1.npns.srv.nintendo.net
bugyo.hac.lp1.eshop.nintendo.net
capi.lp1.op2.nintendo.net
ctest-dl-lp1.cdn.nintendo.net
ctest-ul-lp1.cdn.nintendo.net
ctest.cdn.nintendo.net
d7d-arzn-b.g.lp1.e.srv.nintendo.net
dauth-lp1.ndas.srv.nintendo.net
dragons.hac.lp1.dragons.nintendo.net
e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com
g23380901-lp1.s.n.srv.nintendo.net
g23bda200-lp1.s.n.srv.nintendo.net
ias-lp1.hac.shop.nintendo.net
lp1.nso.nintendo.net
nncs1-lp1.n.n.srv.nintendo.net
nncs2-lp1.n.n.srv.nintendo.net
receive-lp1.dg.srv.nintendo.net
scsi-download.lp1.scsi.srv.nintendo.net
scsi-policy-lp1.cdn.nintendo.net
scsi-upload-lp1.s3.us-west-2.amazonaws.com
storage.lp1.scsi.srv.nintendo.net
sun.hac.lp1.d4c.nintendo.net
tagaya.hac.lp1.eshop.nintendo.net
web-lp1.share.srv.nintendo.net

[DandelionSprout]

iOS in general. The extent to which they overlap (if at all) with macOS, or the Windows version of iTunes, is unclear:

1-courier.push.apple.com
20-courier.push.apple.com
24-courier.push.apple.com
40-courier.push.apple.com
amp-api.apps.apple.com
app-site-association.cdn-apple.com
appldnld.apple.com
appldnld.g.aaplimg.com
apple-finance.query.yahoo.com
apps-mzstatic-cdn.itunes-apple.com.akadns.net
bag.itunes.apple.com
c.apple.news
ca.iadsdk.apple.com
cdn.cvws.apple-dns.net
cdn2.smoot.apple.com
commnat-cohort-gc.ess.apple.com
configuration.apple.com.akadns.net
configuration.ls.apple.com
doh.dns.apple.com
eu-north-courier-4.push-apple.com.akadns.net
fbs.smoot.apple.com
finance-app.itunes.apple.com
fmf.fe.apple-dns.net
fmfmobile.fe.apple-dns.net
fmipmobile.fe.apple-dns.net
gateway-asset.ce.apple-dns.net
gateway.fe.apple-dns.net
geo-applefinance-cache.internal.query.g03.yahoodns.net
gs-loc.apple.com
gs-loc.ls-apple.com.akadns.net
gsas.apple.com
gsas.idms-apple.com.akadns.net
gsp-ssl.ls-apple.com.akadns.net
gspe1-ssl.ls.apple.com
gspe11-ssl.ls.apple.com.edgekey.net
gspe19-kittyhawk-ssl.ls.apple.com
gspe79-ssl.ls.apple.com
inappcheck-lb.itunes-apple.com.akadns.net
init.ess.apple.com
init.push.apple.com
iosapps.itunes.apple.com
iosapps.itunes.g.aaplimg.com
iphone-ld.apple.com
iphone-ld.origin-apple.com.akadns.net
iphonesubmissions.apple.com
iphonesubmissions.apple.com.akadns.net
keyvalueservice.fe.apple-dns.net
lcdn-locator.apple.com
marketplace-ios-b195.hyprmx.com
mesu-cdn.origin-apple.com.akadns.net
mesu.apple.com
news-client-search.apple.com
news-edge.apple.com
news-edge.origin-apple.com.akadns.net
news-events.news.apple-dns.net
p44-fmfmobile.icloud.com
p44-fmipmobile.icloud.com
pr-pod2-smp-device.apple.com
pr-pod2-smp-device.gcsis-apple.com.akadns.net
production-mobile-lb-1918289095.us-east-1.elb.amazonaws.com
proxy.safebrowsing.apple
sandbox.itunes-apple.com.akadns.net
seed-siri-apple-com.v.aaplimg.com
seed-swallow.siri.apple.com
setup.fe.apple-dns.net
smp-device-content.apple.com
sms-01.ios.mwbsys.com
su-applak.itunes-apple.com.akadns.net
time-ios.apple.com
time-ios.g.aaplimg.com
time-osx.g.aaplimg.com
weather-data.apple.com
xp.apple.com
xp.itunes-apple.com.akadns.net

! Netflix
ios.prod.cloud.netflix.com
ios.prod.ftl.netflix.com

iphone.life360.com (Life360 app)
f-log-mobile-ios.grammarly.io (Grammarly app?)
iphone.eurosport.com (Eurosport app)
ioshost.qtlcdn.com (PR-China only?)

[DandelionSprout]

LG BP200 Blu-Ray player:

www.lge.com
acdnus.lge.com
lgblu.accu-weather.com
lge.accu-weather.com

Samsung 2020-released TVs (in addition to the 5-ish blocklists out there for Samsung TVs):

cdn.samsungcloudsolution.com
osb-v2.samsungqbe.com
scs.samsungqbe.com
d1oxlq5h9kq8q5.cloudfront.net
tvx.adgrx.com
drfwz49v53l3o.cloudfront.net
osb-auth-eusvc-v2.samsungqbe.com
samsungtifa.com
browser.samsungcloudcdn.com

! Samsung TV Plus when accessed from Norway ("-no" is seemingly a country code)
edgesport-rakuten-samsung.amagi.tv
9adc0a6d902744ce8e5518f7f858cfa4.mediatailor.us-east-1.amazonaws.com
bloomberg-bloomberg-1-no.samsung.wurl.com
reuters-reutersnow-1-no.samsung.wurl.com
rakuten-euronews-1-no.samsung.wurl.com
29b8f84f4bc341609d93702b5b9944e2.mediatailor.us-east-1.amazonaws.com (and too many other "mediatailor" subdomains to write down)
rakuten-drama-11-no.samsung.wurl.tv
mytimeuk-rakuten-samsung.amagi.tv
rakuten-documentaries-11-no.samsung.wurl.tv
config-cd-dmgz.bamgrid.com
rakuten-family-11-no.samsung.wurl.tv
insighttv-rakuten-samsung.amagi.tv
mmm-ducktv-4-no.samsung.wurl.com
tvpndynamiclogopeu.samsungcloud.tv
tvpnlogopeu.samsungcloud.tv
futuretoday-afv-family-1-no.samsung.wurl.com
younghollywood-rakuten-samsung.amagi.tv
rakuten-spotlight-11-no.samsung.wurl.tv
estv-rakuten-samsung.amagi.tv
venntv-rakuten-samsung.amagi.tv
mavtv-mavtvglobal-1-no.samsung.wurl.tv

ASUS routers?

routerfeedback.asus.com
routerahs.asus.com
nwsrv-ns1.asus.com
rgom10-en.url.trendmicro.com

[silvaf6]

Samsung (big TV 4k model from 2020 lol)

scsi-upload-lp1.s3.us-west-2.amazonaws.com