dfdata - uDomainFlag data backend
This is the data backend of uDomainFlag Web version and the uDomainFlag browser extension on
You are probably looking for uDomainFlag Web
Currently the following domains are in use:- dfdata.bella.network - Primary data source for extension lookups
- udfdata.unterhaltungsbox.com - Fallback with reduced features served by Cloudflare Proxy
- sentry.bella.pm - Sentry error tracking (only used if enabled, may be unreachable)
- report.bella.pm - NEL, Except-CT, CSP and other security violation reports
Changelog
- [25.02.2024] Reworked backend to use DoH and various optimizations to support Manifest V3 extensions
- [09.12.2023] Added additional A record for failover and loadbalancing, served now using 2x IPv4 and 1x IPv6
- [07.10.2023] Enabled HTTP/3 support using QUIC
- [29.10.2022] Added possibility for custom overrides to correct invalid data
- [09.10.2022] Added new API endpoint only for flag lookup (/country/thomas.bella.network)
- [01.10.2022] Added own NEL reporting server for connectivity diagnostics
- [18.09.2021] Fallback domain is now served over Cloudflare
- [01.08.2021] Added HTTPS & SVCB DNS records and ALT-SVC headers
- [05.04.2021] Released public API specification
- [06.03.2021] Enabled support for brotli compression in addition to gzip
- [07.02.2021] Switched DH group to ffdhe4096 - Still prefers ECDH with x25519
- [24.10.2020] PHP backend is disabled now. Only the new Go-based backend is now active and uDomainFlag before 2.0.0 doesn't work anymore.
- [22.08.2020] Moved primary domain from udfdata.unterhaltungsbox.com to dfdata.bella.network.
- [27.06.2020] New backend and API for uDomainFlag 2.0.0 is now active. The old API is deprecated and will be discontinued September 2020.
- [31.10.2019] Server-wide deactivation of TLSv1 and TLSv1.1 is now active. Only TLSv1.2 and TLSv1.3 is available.
- [19.07.2019] Enabled 0-RTT for faster data delivery (GET only).
- [28.01.2019] Client cipher preference is now enabled. Clients without AES-NI support will now use CHACHA20-POLY1304 instead of AES-GCM.
- [29.10.2018] TLSv1.3 is now enabled by default.
- [08.10.2018] TLSv1, TLSv1.1 and all CBC ciphers are disabled. Only secure ciphers are allowed.
- [27.06.2018] The use of ECDHE/DHE is now mandatory. Connections without PFS are not possible anymore.
- [17.07.2017] Dual certificate configuration (P-256 & RSA 4096) is now used. Clients without P-256 certificate support will automatically fallback to RSA.
API
This API is mostly stable and can be viewed at /swagger/ using Swagger UI.
Please note that this is a preview and some parts may be changed any time. If you plan to use this API in production, perform many requests or need additional data, please get in touch with me at domainflag@bella.network.Planned
- More platforms: Opera (Upload not possible, internal server error), Safari (Possible without Mac and annual Dev fee?)
- Enterprise Edition: On-Premises data source, relay with data enrichment of local IPs and cloud version with custom data for internal domains. - Let me know your ideas and interest!
uDomainFlag is a project by Thomas Bella • Legal Notice • Privacy Policy