cdn.youtubeunblocked.live

[adguard-bot]

Issue URL (Annoyance)

https://cdn.youtubeunblocked.live/

Comment

When I visit a website and select YouTube from the quick links, sometimes when I’m browsing videos, channels, or the top page, clicking on links will open them in a new tab instead of the same one. When I check the original tab, an ad site has opened there. The destinations vary, but the original URL is as follows:

https://p23hxejm1.com//CPR/CPR.php?c=1843194

And there is the list of redirects

https://vpn-center.com/cdu/ww/index.php?p1=https://click.vpn-center.com&p2=https://click.vpn-center.com/click&zoneid=1843194&connection_type=other

https://gamdom.com/?utm_source=propellerads&utm_medium=paid

https://ak.ptailadsol.net/4/6280799

https://v.qiepian.vip/a/?code=QOgz0kM0WK

https://p23hxejm1.com/r/dir?zoneid=1843194&pb=8a5ed67ac74da11ec8711dc92c75d4171724251476&psp=aosbZquUoWnIMKmW2g3EjoVTVurHhQbkoR_x36SXMNAJl4LdUHjzlpUobaWL5MWfSuUMi8GUMGDdd-TEOgc5XzsrL7rpgT565lDRcNwSjxdnQW9dRv-W-GoWr18_mMaJYUXWcPMdS0Y1IzV-cs2Kf66k-PBRNz5U6D0mLL9O1N55FnUTlCKgHUsyqwEUvIXQca-xToo2c4pLLvt2dXoWhjPv9AHiEt1djfPKrC_un9c5XUzWnSnzW_1avatabFnUMqrLok9fM3zm60C_E52rzYCfJRRX-zBUXCOxb8CNXpectOwyzVsQcoYgGk7idd0zjitvEoOwBJdk7rJeGgkU1BP6245obf1BluOC6smxo5ltrGxKLQ==&fdl=1&nojs=0&abvar=0&febuild=1.0.314&t=1&wcks=1&wgl=1&cnvs=1&os=-540

https://fulliosdefense.com/landers/valid-vpn/lp11/index.php?lpkey=1701240627f2567738

I don't think you can access it anymore since it has expired, but when I look at my browser history, I can see that I was redirected from this URL.

https://208.87.241.75/channel/UCsBoll12QILGTkmQ4PSttkw?__cpo=aHR0cHM6Ly9tLnlvdXR1YmUuY29t

https://github.com/AdguardTeam/AdguardFilters/issues/186904

Screenshots

Screenshot 1


System configuration

Information	Value
AdGuard product:	AdGuard for iOS v4.5.5
System version:	17.6
License type:	paid
Advanced protection:	enabled
DNS filtering:	disabled
Filters:	Ad Blocking: AdGuard Base, AdGuard Mobile Ads Privacy: AdGuard Tracking Protection Social Widgets: AdGuard Social Media Annoyances: AdGuard Cookie Notices, AdGuard Popups, AdGuard Mobile App Banners, AdGuard Other Annoyances, AdGuard Widgets Language-specific: AdGuard Japanese

[Alex-302]

not working.

[rhdeceptionz]

@Alex-302 I was able to reproduce the issue. The URL you chose has expired, as noted in the comments. You'll need to start a new proxy from the homepage.

Here's how I reproduced it: I went to https://cdn.youtubeunblocked.live/ , picked something from the Quick Links (I chose Twitter), and kept clicking on any links I found, like Privacy Policy. After doing this a bunch of times, an ad tab eventually opened. The ads URL pattern is usually something like https://p23hxejm1.com//CPR/CPR.php?c=*****.

[Alex-302]

Please record a HAR file of broken page and attach it here as ZIP How to get a HAR file: https://toolbox.googleapps.com/apps/har_analyzer/

[rhdeceptionz]

Please record a HAR file of broken page and attach it here as ZIP How to get a HAR file: toolbox.googleapps.com/apps/har_analyzer

Sure, but what is the broken page? Will this be recorded even if an ad tab opens in a tab where the developer tools are not open?

For your reference, I recorded the process leading up to the issue. You can see it happening at the end of the video (3:18). Is it possible to capture this in the HAR file? issue 186928.zip

[rhdeceptionz]

@Alex-302 Is this correct HAR file? I think it recorded the request.
186928.zip

[Alex-302]

@rhdeceptionz It's almost right, I see that aliexpress was opened. But the initial requests was not recorded. Please try to enable HAR recording, and open reproduce the problem in new private tab (cloase all opened before, if so).

[rhdeceptionz]

@Alex-302 What does "initial requests" mean? Also, did you watch the video? Ad tab opens in a new tab, but is it possible to record HAR? If so, how do I record that? Previously, I was opening DevTools and recording every time a new tab opened. I don't know any other way beyond this.

[Alex-302]

What does "initial requests" mean?

First URLs of visited site.

Ad tab opens in a new tab, but is it possible to record HAR? If so, how do I record that?

Please try this https://developer.chrome.com/docs/devtools/open

In this case I need two HARs - of the site and of a tab with ad (I need the very first address - betted do it after removing cache)

Also you may try Fiddler Classic, but it takes a little work.

[rhdeceptionz]

@Alex-302 I recorded two HAR files and also captured the process on video. Can you check if the steps are correct and if the initial requests are included? main: https://streamable.com/c1apl5
backup: https://we.tl/t-QipV8B5LpU

HAR file: har.zip tab_Ad.har: This is the HAR for the ad tab (the one blocked by Adguard in the video). tab_Joseph.har: This is the HAR for the tab opened during normal browsing. tab name is Joseph Crowe (the one that opened to the right of the ad in the video).

[Alex-302]

I recorded two HAR files and also captured the process on video.

No timings. When ad was opened?

[Alex-302]

I think you just opened a site, where must be applied specific rules. Btw this site can steal any your entered data.

[rhdeceptionz]

@Alex-302 What do you mean by "no timings"? Did you actually watch the video? I mentioned in the description, "the one blocked by AdGuard in the video." And, it seems that the ad server I encountered when recording this video was blocked by AdGuard. The window still opens, though. However, as you know, it used to redirect from p23hxejm1.com to AliExpress.

[Alex-302]

What do you mean by "no timings"?

I watched, but I didn't see the moment where the ad opens.

Checked in the HAR a suspicious domain, but cannot find which script opens it.

[Alex-302]

HAR, recorded by Fiddler, will be more useful. Chrome may lost redirect requests when new tab opens.

[rhdeceptionz]

Are you unable to reproduce the issue? What I am doing isn't difficult. All you need to do is keep clicking the links like a video.

[Alex-302]

I tried to open Duck, then opened sites from it, and clicked links. But not reproduced. That's why I asking for HAR. Fiddler can collect anything.

[Alex-302]

1


2


Details

  

https://telerik-fiddler.s3.amazonaws.com/fiddler/FiddlerSetup.exe

[rhdeceptionz]

I see. I can not do on it right now, so the earliest I can get to it is Monday.

[rhdeceptionz]

@Alex-302 Sorry for the late. Can you read record from this HAR file? The whole thing was 90MB, so I just cut out the session near the ad tab http://p23hxejm1.com/. #186928-cut.har.zip

[Alex-302]

No previous requests. Only Fiddler can record all requests from all tabs.

Details


[rhdeceptionz]

How about this file? part2.zip

[Alex-302]

please test #%#//scriptlet('abort-on-property-write', '__Cpn')

Will add to filter:

||p23hxejm1.com^

Don't add during test.

[Alex-302]

Another rule for test, without the previous:

/__cpa.cp.js?__cpo=$third-party

[rhdeceptionz]

#%#//scriptlet('abort-on-property-write', '__Cpn') is causing the website to load incompletely. So I think it's not good. /__cpa.cp.js?__cpo=$third-party is not working. Ads tab still open. I've attached the har file from when /__cpa.cp.js?__cpo=$third-party tested. Please check.

test-2.zip

[Alex-302]

What about ||p23hxejm1.com^$all? It will close popup.

Or test separately:

#%#//scriptlet('json-prune', 'default')
#%#//scriptlet("prevent-addEventListener", "click", ")]=this[_0x")

[rhdeceptionz]

||p23hxejm1.com^$all blocks access as expected, but the tab still opens.
#%#//scriptlet('json-prune', 'default') doesn’t seem to work, as the ad tab still opens. I’ve attached the HAR file from when I tested this rule.
json-prune.zip

#%#//scriptlet("prevent-addEventListener", "click", ")]=this[_0x") also didn’t work, and the ad tab still opens. I’ve attached the HAR file from that test as well.
prevent-addEventListener.zip

Additionally, a new ad server seems to have appeared. The existing rule .com/api/users*^pii=&in=false^$document blocks access, but the tab still opens. I’ve attached the HAR file from testing that rule as well. new_ad.zip Here’s a video of the new ad I encountered. If you’re going to try to reproduce the issue, I recommend the steps shown in the video.

https://github.com/user-attachments/assets/ef5af0ae-2660-4756-a62f-562cb5e4d995

[Alex-302]

I tried the options without being able to reproduce the problem. @AdamWr Could you please take a look?

[rhdeceptionz]

||p23hxejm1.com^$all works well to block the loading, so I think this rule is good.

[AdamWr]

Could you please check out these rules:

#%#//scriptlet('set-constant', '__Cpn.prototype.showAds', 'false')
#%#//scriptlet('abort-on-stack-trace', 'addEventListener', '/attachEvent[\s\S]*?Popup[\s\S]*?register/')

[rhdeceptionz]

Looks like it’s working. I haven’t seen ad tab.