maxstream.video: detection

Porders commented 1 year ago

Prerequisites

[X] I read and understand the policy about what is a valid filter issue.
[X] I verified that this issue is not a duplicate. (Use this button to find out.)
[X] I forced an update of my filter lists. (Click the "Purge all caches" button while holding the 'Shift' key, then click the "Update now" button.)
[X] I did not remove any of the default filter lists, or I have verified that the issue was not caused by removing any of the default lists.
[x] I did not enable external filter lists, or I have verified that the issue still occurs without enabling external filter lists.
[X] I do not have custom filters/rules, or I have verified that the issue still occurs without custom filters/rules.
[X] I am not using uBlock Origin (uBO) along with other content blocker extensions.
[X] I have verified that the web browser's built-in blocker or DNS blocking (standalone or through a VPN) is not causing the issue.
[ ] I did not answer truthfully to ALL the above checkpoints.

URL address of the web page

https://maxstream.video/videostream/5zpo0zvmezzg/593j4aq3nnv7/cWhaeGpqZWh0Sk1waVhlMVZGQmNLUT09

Description

Hi, I'm using Firefox (the leatest version) and uBlock Origin. When I'm on maxstream the video appears, but a few seconds leater, the page shows a popup "disable your adblock please", then I must click "ok" and then the video disappears.

Have you any solution?

I link you a screen recorder: https://www.dropbox.com/s/3jrmnfqsfpcynsp/firefox.mp4?dl=0

Thanks

Screenshot(s)

Configuration

```yaml uBlock Origin: 1.49.2 Firefox: 113 filterset (summary): network: 100098 cosmetic: 46564 scriptlet: 17412 html: 943 listset (total-discarded, last-updated): default: user-filters: 0-0, never ublock-filters: 33908-78, 22h.37m ublock-badware: 7073-0, 22h.37m ublock-privacy: 443-0, 22h.37m ublock-abuse: 70-70, 22h.37m ublock-unbreak: 2026-2, 22h.37m ublock-quick-fixes: 289-0, 52m easylist: 65802-652, 22h.37m easyprivacy: 32146-614, 22h.37m urlhaus-1: 7673-1, 22h.37m plowe-0: 3737-3, 22h.37m ITA-0: 13421-1, 22h.37m filterset (user): [empty] modifiedUserSettings: [none] modifiedHiddenSettings: [none] supportStats: allReadyAfter: 3584 ms (selfie) maxAssetCacheWait: 463 ms popupPanel: blocked: 8 network: ezcgojaamg.com: 1 googletagmanager.com: 1 host-cdn.net: 1 intellipopup.com: 1 sonsbrunette.com: 4 ```

stephenhawk8054 commented 1 year ago

I can't reproduce the anti adblock. The whole video plays fine for me.

Porders commented 1 year ago

I can't reproduce the anti adblock. The whole video plays fine for me.

Hi, 😟 what can I say: in maxstream allways was fine. But now the popup, for me, appears, but nothing I have changed. I really don't know.

peace2000 commented 1 year ago

@stephenhawk8054 I can't access the site by default because this filter blocks it:

https://github.com/uBlockOrigin/uAssets/blob/f74450cf909c4dd760e18ad928b4bdd3665f2f8f/filters/filters-2021.txt#L3370

It has to be allowed in order to access it:

stephenhawk8054 commented 1 year ago

@peace2000 It was added due to redirection to malicious site previously: https://github.com/uBlockOrigin/uAssets/issues/17542

Does it redirect you to the right link?

peace2000 commented 1 year ago

Doesn't seem to. When I click continue... :

peace2000 commented 1 year ago

I guess what I'm trying to say is that if that site has malicious redirects, why this site isn't blocked as a badware in the first place?

peace2000 commented 1 year ago

Ok now my IP got banned :)....

stephenhawk8054 commented 1 year ago

As far as I understand, this site is used when clicking from other streaming websites to access (looks like it uses cookies). If you access that link directly, sometimes it will redirect to the readfile page, depending on region/IP. Not everytime or every link has that.

And sorry I forgot to warn you that if you access that readfile page twice, they will ban your IP.

peace2000 commented 1 year ago

Ok, well FInnish IP's don't seem to be welcome. Changed IP few times and they got banned.

Porders commented 1 year ago

Hi, I gone to options, and I flagged advanced settings, and I cliccked to the gears icon near the option, and I set filterAuthorMode to true. Then I used the dynamic filtering like that:

https://www.dropbox.com/s/osu3ibdd2ca2toc/ojjHegIKNe.png?dl=0

and, for now, the popup is disappeard

stephenhawk8054 commented 1 year ago

Don't use that in the left column, you are allowing that ads domain to run on all of the other sites. What is the original site that you use to access maxstream.video?

Porders commented 1 year ago

Don't use that in the left column, you are allowing that ads domain to run on all of the other sites. What is the original site that you use to access maxstream.video?

Hi, uprot.net

stephenhawk8054 commented 1 year ago

It's an URL encrypter site for me. Screenshot: https://github.com/uBlockOrigin/uAssets/assets/66517106/b1ff4dd4-be20-4b48-8cc7-b3d3409058a9

What should I do next?

Porders commented 1 year ago

I don't if this link can help you:

https://uprot.net/msfi/QlBheEdvcUtuZ3FseDNxZm1rUkhJQT09

stephenhawk8054 commented 1 year ago

Remove the dynamic filtering rules. Can you test this filter?

@@||host-cdn.net^$image,domain=maxstream.video

Click on uBO icon > ⚙ Dashboard button > Add the filter in "My filters" pane > Click ✓ Apply changes > Go back to the website > Press Ctrl + Shift + R to reload the page and test again.

Porders commented 1 year ago

So, If I use your suggestion:

@@||host-cdn.net^$image,domain=maxstream.video

in my filers and I reload the page, the popup reappears

But if I use only:

maxstream.video ads.host-cdn.net * allow

in temporary rules, the popup does't show, if I reload the page

stephenhawk8054 commented 1 year ago

Can you do these steps:

Click on ▤ "The logger" icon on the popup user interface,
Reload the page and repeat the steps until issue happens,
Copy the logger via 📋 export/copy button at the top right,
Paste the logs here

Or test this filter:

@@||host-cdn.net^$domain=maxstream.video

Porders commented 1 year ago

Your filter:

@@||host-cdn.net^$domain=maxstream.video

works.

But you allow cdn.net in maxstream.

Can I post you the log in private, is it possible? And in which format, list, table, simple, markdown ?

stephenhawk8054 commented 1 year ago

The log just contains what are being loaded, what are being blocked in that website. There's no personal information in there.

You can choose table and markdown.

Porders commented 1 year ago

Ok I post you the log here:

Logger output

stephenhawk8054 commented 1 year ago

Test

*$script,3p,redirect-rule=noopjs,domain=maxstream.video

If it doesn't work, the only way is allowing the https://ads.host-cdn.net/stats.js

@@||ads.host-cdn.net/stats.js$script,domain=maxstream.video

Porders commented 1 year ago

*$script,3p,redirect-rule=noopjs,domain=maxstream.video

doesn't work

But:

@@||ads.host-cdn.net/stats.js$script,domain=maxstream.video

works. In this way you enable the java script from cdn.net only for maxstream.video, right?

stephenhawk8054 commented 1 year ago

Yes, it's for allowing that script only on maxstream.video. These might work without the need of making exception:

maxstream.video##+js(set, eerree, true)
maxstream.video##+js(set, e2e2e2e2, true)
maxstream.video##+js(set, e3e3e3e3, true)

But given that they likely use random variables, better way is to allow that script.

Porders commented 1 year ago

maxstream.video##+js(set, eerree, true)
maxstream.video##+js(set, e2e2e2e2, true)
maxstream.video##+js(set, e3e3e3e3, true)

maxstream.video##+js(set, eerree, true) maxstream.video##+js(set, e2e2e2e2, true) maxstream.video##+js(set, e3e3e3e3, true)

works too. I don't know the syntax, but I understand variables "(set, xxxxxx, true)" (taken from the log?) are set to true, but also these may change in the future. So the better way is to allow the specific java script, as from log, for now

Porders commented 1 year ago

Thank you stephenhawk8054! And thank to all!

uBlockOrigin / uAssets