Some years back (my memory suggests somewhere between early 2017 and early 2019), Google moved reCAPTCHA to www.google.com, so now anything that uses reCAPTCHA (and that’s a lot, far more than is reasonable when I contemplate the absurdly high efficacy of a simple hidden-by-CSS honeypot when it’s just junk you’re filtering rather than targeted abuse) depends upon www.google.com frame, script and xhr, and www.gstatic.com script.
There may have been other reasons as well, but I have been strongly inclined to consider this a hostile and even malicious action (organisationally, if not individually) from the start, more than the maps.google.com → www.google.com/maps shift (though I think it’s still at least hostile).
Thus you probably can’t quite block even www.google.com even if you never use any Google services yourself.
There may have been other reasons as well, but I have been strongly inclined to consider this a hostile and even malicious action (organisationally, if not individually) from the start, more than the maps.google.com → www.google.com/maps shift (though I think it’s still at least hostile).
Thus you probably can’t quite block even www.google.com even if you never use any Google services yourself.