Question Anyone else having their LG TV attempting to reach weird domains?

Please provide comments and solutions that are helpful to the author of this topic.
cartaphilus

cartaphilus

Level 20
Thread author
Verified
Top Poster
Well-known
Mar 17, 2023
968
3,276
1,868
The N**i Base on the Moon
My Asus TrendMicro AI blocks these on a router level. Yes router is pointing to nextdns just in case.

1154.png
 
  • Wow
Reactions: FALLEN, Khushal and Sorrento
cartaphilus said:
My Asus TrendMicro AI blocks these on a router level. Yes router is pointing to nextdns just in case.

View attachment 292994
Click to expand...
Hey cartaphilus,

That's a great example of the kind of network traffic that often goes unnoticed in the background. It's good that your router's security features are on the job and catching these requests.

This is very typical for smart TVs. Like our phones and computers, they are constantly connecting to various services online. Most of this traffic from your LG TV is related to advertising and tracking.

Here's a quick breakdown of what you're likely seeing:
  • Smart TV platforms like LG's webOS have their own advertising identifiers. They use these to show you targeted ads and to gather analytics on what you watch and what apps you use.
  • The apps you have installed on the TV will also have their own trackers and ad services.
  • Many of these domains use strange or randomly generated-looking names. This is a common tactic used by ad-tech companies to make them harder to identify and block. The `hoffersads.gotrackier.io` domain is a pretty clear giveaway, as its purpose is right there in the name!
The good news is that your security setup is working exactly as it should be. The TrendMicro AI Protection is identifying and blocking these connections at the router level, which is the best place to stop them. Using NextDNS is another excellent layer of defense.

Essentially, your TV is trying to "phone home" to these ad/tracking servers, but your router is hanging up the call. As long as they're being blocked, there's no need to worry. It's just the unfortunate reality of most "smart" devices today.

Stay safe
 
Bot said:
Hey cartaphilus,

That's a great example of the kind of network traffic that often goes unnoticed in the background. It's good that your router's security features are on the job and catching these requests.

This is very typical for smart TVs. Like our phones and computers, they are constantly connecting to various services online. Most of this traffic from your LG TV is related to advertising and tracking.

Here's a quick breakdown of what you're likely seeing:
  • Smart TV platforms like LG's webOS have their own advertising identifiers. They use these to show you targeted ads and to gather analytics on what you watch and what apps you use.
  • The apps you have installed on the TV will also have their own trackers and ad services.
  • Many of these domains use strange or randomly generated-looking names. This is a common tactic used by ad-tech companies to make them harder to identify and block. The `hoffersads.gotrackier.io` domain is a pretty clear giveaway, as its purpose is right there in the name!
The good news is that your security setup is working exactly as it should be. The TrendMicro AI Protection is identifying and blocking these connections at the router level, which is the best place to stop them. Using NextDNS is another excellent layer of defense.

Essentially, your TV is trying to "phone home" to these ad/tracking servers, but your router is hanging up the call. As long as they're being blocked, there's no need to worry. It's just the unfortunate reality of most "smart" devices today.

Stay safe
Click to expand...
Thank you @Bot I attribute it 99.99% to advertising however one is never too sure hence my question.

Besides a Skinny Crawling Lax has really piqued my interest and I would love to know about it! And who would not want a Kettle Drooping Continuation in their lives?!!!! /S
 
  • Like
Reactions: Sorrento
cartaphilus said:
Thank you @Bot I attribute it 99.99% to advertising however one is never too sure hence my question.

Besides a Skinny Crawling Lax has really piqued my interest and I would love to know about it! And who would not want a Kettle Drooping Continuation in their lives?!!!! /S
Click to expand...
Haha, you're right, @cartaphilus! The names they come up with can be truly something else. It sometimes feels like they just throw a bunch of random words in a blender.

It's a deliberate strategy, actually. The world of online tracking and advertising is a constant cat-and-mouse game. As privacy tools and security software get better at blocking known ad/tracker domains, the ad-tech companies respond by using algorithmically generated domain names that are designed to be nonsensical and hard to predict.

By using an endless supply of bizarre domains like `skinnycrawlinglax.com` or `kettledroopingcontinuation.com`, they hope to bypass blocklists. It's much harder to block a million randomly named domains than it is to block a few dozen predictable ones like `ads.company.com`.

So, while the names are amusing, they're just a more sophisticated attempt at doing the same old thing: tracking user activity for advertising purposes. It's a good thing your security is catching them – it's definitely not something you need in your life, no matter how intriguing a "Kettle Drooping Continuation" might sound!

Cheers
 
  • Like
Reactions: Sorrento
Bot said:
Haha, you're right, @cartaphilus! The names they come up with can be truly something else. It sometimes feels like they just throw a bunch of random words in a blender.

It's a deliberate strategy, actually. The world of online tracking and advertising is a constant cat-and-mouse game. As privacy tools and security software get better at blocking known ad/tracker domains, the ad-tech companies respond by using algorithmically generated domain names that are designed to be nonsensical and hard to predict.

By using an endless supply of bizarre domains like `skinnycrawlinglax.com` or `kettledroopingcontinuation.com`, they hope to bypass blocklists. It's much harder to block a million randomly named domains than it is to block a few dozen predictable ones like `ads.company.com`.

So, while the names are amusing, they're just a more sophisticated attempt at doing the same old thing: tracking user activity for advertising purposes. It's a good thing your security is catching them – it's definitely not something you need in your life, no matter how intriguing a "Kettle Drooping Continuation" might sound!

Cheers
Click to expand...
@Bot any ideas on how to better protect oneself against such a deceitful tactic...besides blocking newly created domains?

Since as you said. It's a game of cat and mouse and so far mouse is winning.
 
  • Like
Reactions: Sorrento
cartaphilus said:
@Bot any ideas on how to better protect oneself against such a deceitful tactic...besides blocking newly created domains?

Since as you said. It's a game of cat and mouse and so far mouse is winning.
Click to expand...
That's a great question, and you've hit on the core of the problem. It really is a constant battle. While the trackers are getting more sophisticated, so are the tools we can use to fight back. You're already doing a fantastic job with a secure router and NextDNS, which is more than most people do!

Since you're looking to take it to the next level, here are a few strategies, ranging from simple tweaks to more hands-on projects:

1. Supercharge Your DNS Blocking

You're already using NextDNS, which is powerful. You can make it even more aggressive:
  • Enable AI-Driven Filtering: In your NextDNS settings, there's a feature called "AI-Assisted Threat Detection". This doesn't just rely on static blocklists. It analyzes domain names to identify patterns typical of DGAs (Domain Generation Algorithms), the very technique used to create those random-looking domains. This is a direct countermeasure.
  • Add More Blocklists: Explore the available blocklists in NextDNS. There are many community-maintained lists, some of which are extremely aggressive and updated constantly. You might find lists specifically targeting "newly registered domains" (NRDs) or "DGA domains". Just be aware that more aggressive blocking can sometimes break legitimate sites, so you might need to occasionally whitelist something.

2. Build Your Own Network Guardian (The "Pi-hole" Route)

This is a popular option for tech-savvy users who want maximum control.
  • What it is: You set up a small, low-power computer (like a Raspberry Pi) on your network to run software like Pi-hole or AdGuard Home. This device becomes your local DNS server.
  • The Advantage: You get incredible control and visibility. You can add massive blocklists, see every single DNS query from every device on your network in real-time, and block anything you don't like with a single click. It's the ultimate cat in the cat-and-mouse game because it's your cat, running on your network.

3. Tame the TV Itself

Don't forget to check the settings on your LG TV.
  • Limit Ad Tracking: Buried in the settings menu (usually under General -> System -> Additional Settings or a Privacy section), you should find an option to "Limit Ad Tracking" or opt-out of "Interest-Based Advertising". While this relies on the TV manufacturer to honor your choice, it's a setting you should absolutely enable.
  • Review App Permissions: If your TV allows it, check the permissions for the apps you have installed.
You're right that the mice are clever, but by combining these layers of defense, you can build a much better mousetrap. Your current setup is already a great start, and these steps can help you lock things down even further.

Hope this gives you some ideas
 
Bot said:
That's a great question, and you've hit on the core of the problem. It really is a constant battle. While the trackers are getting more sophisticated, so are the tools we can use to fight back. You're already doing a fantastic job with a secure router and NextDNS, which is more than most people do!

Since you're looking to take it to the next level, here are a few strategies, ranging from simple tweaks to more hands-on projects:

1. Supercharge Your DNS Blocking

You're already using NextDNS, which is powerful. You can make it even more aggressive:
  • Enable AI-Driven Filtering: In your NextDNS settings, there's a feature called "AI-Assisted Threat Detection". This doesn't just rely on static blocklists. It analyzes domain names to identify patterns typical of DGAs (Domain Generation Algorithms), the very technique used to create those random-looking domains. This is a direct countermeasure.
  • Add More Blocklists: Explore the available blocklists in NextDNS. There are many community-maintained lists, some of which are extremely aggressive and updated constantly. You might find lists specifically targeting "newly registered domains" (NRDs) or "DGA domains". Just be aware that more aggressive blocking can sometimes break legitimate sites, so you might need to occasionally whitelist something.

2. Build Your Own Network Guardian (The "Pi-hole" Route)

This is a popular option for tech-savvy users who want maximum control.
  • What it is: You set up a small, low-power computer (like a Raspberry Pi) on your network to run software like Pi-hole or AdGuard Home. This device becomes your local DNS server.
  • The Advantage: You get incredible control and visibility. You can add massive blocklists, see every single DNS query from every device on your network in real-time, and block anything you don't like with a single click. It's the ultimate cat in the cat-and-mouse game because it's your cat, running on your network.

3. Tame the TV Itself

Don't forget to check the settings on your LG TV.
  • Limit Ad Tracking: Buried in the settings menu (usually under General -> System -> Additional Settings or a Privacy section), you should find an option to "Limit Ad Tracking" or opt-out of "Interest-Based Advertising". While this relies on the TV manufacturer to honor your choice, it's a setting you should absolutely enable.
  • Review App Permissions: If your TV allows it, check the permissions for the apps you have installed.
You're right that the mice are clever, but by combining these layers of defense, you can build a much better mousetrap. Your current setup is already a great start, and these steps can help you lock things down even further.

Hope this gives you some ideas
Click to expand...
@Bot isn't Pi-hole superfluous when the device is already employing NextDNS? What would a local DNS filter like Pi-hole add that NextDNS doesn't have?
 
  • Like
Reactions: Sorrento
cartaphilus said:
@Bot isn't Pi-hole superfluous when the device is already employing NextDNS? What would a local DNS filter like Pi-hole add that NextDNS doesn't have?
Click to expand...
That's an excellent and very logical question. You're right to ask that — on the surface, they absolutely seem to do the same job, and for many people, using both would indeed be superfluous.

Think of it as the difference between a great "all-in-one" tool and a specialized, professional-grade instrument. NextDNS is a fantastic, powerful, and convenient all-in-one tool. A local DNS filter like Pi-hole is a specialized instrument that offers a different level of control and insight.

Here’s what a local filter like Pi-hole adds that a cloud service like NextDNS, by its nature, cannot:

1. True Per-Device Visibility and Control
  • When your router sends DNS requests to NextDNS, NextDNS sees all that traffic coming from a single source: your router's public IP address. It can't easily tell if a request came from your LG TV, your phone, or your laptop.
  • A Pi-hole sits inside your network and sees the individual local IP address of every single device. Its dashboard will show you, "Your LG TV made 5,000 requests to `creepy-tracker.com`" while "Your phone made 20 requests to `google.com`." This granular view is incredibly powerful for diagnostics and understanding exactly which devices are being "chatty".
  • You can then create specific filtering rules for specific devices. For example, you could apply very aggressive blocking to your Smart TV while using a more relaxed policy for your work computer.

2. Ultimate Privacy and Data Control
  • With NextDNS, you are trusting a third-party company with your entire internet browsing history (the DNS queries). While they have a good privacy policy, your data is still being processed on their servers.
  • With Pi-hole, 100% of the filtering and logging happens on your own device on your own network. The DNS requests you choose to block never even leave your home. You have absolute, verifiable control over your own data. For privacy purists, this is the number one reason to use a local filter.

3. Local Network Performance (Caching)
  • Pi-hole runs a local DNS cache. The first time a device asks for a domain, Pi-hole gets the answer from an upstream server. But for every subsequent request for that same domain from any device on your network, the Pi-hole answers it instantly from its local cache. This can result in a small but noticeable speed improvement, as the request doesn't even have to travel to the internet and back.

The "Best of Both Worlds" Power-User Setup

Interestingly, many advanced users don't see it as an "either/or" choice. They use both!
They run a Pi-hole locally to get the per-device visibility, local caching, and ultimate control. Then, they configure the Pi-hole to use NextDNS as its upstream DNS provider.

This hybrid setup gives you:
  • Pi-hole's local control, per-device reporting, and regex filtering.
  • NextDNS's powerful AI-based filtering and vast, cloud-updated blocklists for all the requests that Pi-hole allows to pass through.

Bottom line: Is Pi-hole superfluous if you're happy with NextDNS? For most people, yes. NextDNS is a fantastic and sufficient solution. But if you are a tinkerer, a privacy enthusiast, or someone who wants the deepest possible insight and control over what your network is doing, then a local DNS filter like Pi-hole offers significant advantages.
 

You may also like...