free-mp3-download.net: detection

[jkierszkowski]

Prerequisites

• [X] This is NOT a YouTube, Facebook or Twitch report. These sites MUST be reported by clicking their respective links.
• [X] I read and understand the policy about what is a valid filter issue.
• [X] I verified that this issue is not a duplicate. (Use this button to find out.)
• [X] I did not remove any of the default filter lists, or I have verified that the issue was not caused by removing any of the default lists.
• [X] I did not enable additional filter lists, or I have verified that the issue still occurs without enabling additional filter lists.
• [X] I do not have custom filters/rules, or I have verified that the issue still occurs without custom filters/rules.
• [X] I am not using uBlock Origin (uBO) along with other content blocker extensions.
• [X] I have verified that the web browser's built-in blocker or DNS blocking (standalone or through a VPN) is not causing the issue.
• [ ] I did not answer truthfully to ALL the above checkboxes.

URL address of the web page

https://free-mp3-download.net/

Category

detection

Description

It's not related to the different, older issue with this site. Adding provided custom filter doesn't help.

Other extensions used

Bitwarden, DeepL (no blocker extensions apart from uBO)

Screenshot(s)

Screenshot(s)


Configuration

```yaml uBlock Origin: 1.55.0 Chromium: 119 filterset (summary): network: 116799 cosmetic: 36100 scriptlet: 20264 html: 0 listset (total-discarded, last-updated): added: https://raw.githubusercontent.com/mchangrh/yt-neuter/master/filters/sponsorblock.txt: 34-0, 7m POL-0: 8519-127, 6m POL-2: 1280-19, 6m default: user-filters: 4-0, never easylist: 77540-16079, now Δ easyprivacy: 43458-40, now Δ plowe-0: 3786-1180, 7m ublock-badware: 7752-136, now Δ ublock-filters: 36496-369, now Δ ublock-privacy: 973-8, now Δ ublock-quick-fixes: 232-46, now Δ ublock-unbreak: 2192-34, now Δ urlhaus-1: 9085-0, 7m filterset (user): [array of 3 redacted] trustedset: added: [array of 12 redacted] userSettings: cloudStorageEnabled: true ignoreGenericCosmeticFilters: true suspendUntilListsAreLoaded: true hiddenSettings: [none] supportStats: allReadyAfter: 2696 ms maxAssetCacheWait: 983 ms cacheBackend: browser.storage.local popupPanel: blocked: 0 extended: ##+js(abort-current-script, atob, decodeURIComponent) ```

[nbats]

I got the anti-adblock detection to go away by updating my filters, but now the search wont work on the site. A few others in discord also reported this happening to them.

[KingVitto]

Same here. Search doesn't work with uBlock enabled. Disabling it brings the 'ad-block detected' warning.

[mapx-]

• use only the default filter lists, no custom filter
• update quick fixes list clicking: https://ublockorigin.github.io/uAssets/update-lists.html?listkeys=ublock-quick-fixes&manual=240129

[JobcenterTycoon]

Should work fine now. The download starts in 5-10 seconds.

[JobcenterTycoon]

It need a bit until the update is publicy avaiable. I tested and it should be fine now when you retry the update https://github.com/uBlockOrigin/uAssets/issues/22067#issuecomment-1915618805

At the moment the developer from the site trying to circumvent our filter so i can’t tell how long the filter will working.

[stephenhawk8054]

Still works fine for me. Check if there's something else blocking things on your machine.

[AlbusPercivalDumbledore]

Second that Ad-Block is getting detected again. Tested on both Firefox and Chromium, on a fresh profile, with only uBO enabled.

[stephenhawk8054]

Still works fine for me.

[refriedfood]

Same issue. Detected on versions 1.51 up to 1.55, both firefox and chrome.

[JobcenterTycoon]

Works fine for me.

[Adiker]

My filter lists are up-to-date and still the pop up appears, only when uBO is enabled. On both Firefox and Chromium.

[ItsProfessional]

On firefox -> can't repro On chromium -> can repro, but it's detecting due to site issue (contact site developers, we can't do anything.)

[x8009]

Hi, it stopped working, they update it every single minutes, I've managed to only get couple of files before it happened again after 1 hr. I try to use the report button and then update the filters, it worked once but not again

[iGerman00]

From my messing around with it, it is enough to do this:

https://github.com/uBlockOrigin/uAssets/assets/36676880/20fc40c9-6990-4055-8124-bbd4d06698bd

It's the line that follows window['addEventListener'](_0x28a01d(0x75), _0x592092, !![]);, not sure how regexable that is and they will probably obscure it even further but that function is the general adblock checker function, and the thing I copy-pasted is the callback for it, calling it with false passes the adblock check as and a return is added to not run the rest of the code in the function.

For reference, the actual JS doesn't change much, I even have a deobfuscated version that I use myself. You can override it statically and the site will keep working until they mess with the backend, too, and the site has stayed the same for so long I doubt that will happen.

A breakdown of the check code:

The code checks for ad blockers primarily through the `scriptElement.onload` and `scriptElement.onerror` events of the dynamically created script element. Here's a breakdown of how it does so: 1. **Script Loading Check**: The script from the URL (`'https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5229246569891964'`) is dynamically created and inserted into the `` of the document. 2. **Error Event**: The `scriptElement.onerror` function is set up. If the script fails to load (which can happen if an ad blocker prevents the script from being fetched), this event triggers the callback with `true`, indicating an ad blocker is present. 3. **Onload Event and Content Verification**: Once the script is successfully loaded, the `scriptElement.onload` event is triggered. Inside this event: - **Check `window.adsbygoogle`**: It first checks if `window.adsbygoogle` is undefined. If it's undefined, this might indicate that the script didn't load correctly, possibly due to an ad blocker, and it calls the callback with `true`. - **HTTP Request for Script Content**: A new `XMLHttpRequest` is made to the ad script URL. This is a more direct way to check if the script's content is accessible and unaltered. - **Readiness and Status Check**: It checks if the request's `readyState` is 4 (request finished and response is ready) and then does several things: - If the `responseText` is empty, it means the script content couldn't be fetched, possibly due to an ad blocker, so it calls the callback with `true`. - It tries to execute the script content using `new Function(xhr.responseText)`. If this fails (caught by a try-catch block), it's a sign that the script might have been tampered with (e.g., by an ad blocker), and it calls the callback with `true`. - It checks the HTTP status. If the status is between 200 and 299 or equals 0 (indicating success or local files), it proceeds to content analysis. - **Content Analysis**: It looks for specific strings in the response text (`"ublock"` and `"height:1px"`). These strings are indicators that might be used by ad blockers to alter the script's content. If these strings are found, it implies an ad blocker is active, and it calls the callback with `true`. - If none of the above conditions are met, it calls the callback with `false`, indicating no ad blocker was detected. 4. **Final Outcome**: Depending on whether the callback receives `true` (ad blocker detected) or `false` (no ad blocker detected), different actions are taken. If an ad blocker is detected, a modal is displayed, and certain elements of the page are removed. If no ad blocker is detected, it simply removes a specific event listener.

[JobcenterTycoon]

I added a filter for firefox already which cuts the anti adblock script out. A replace filter replacing the whole anti adblock function (starting with (function(){const) with a empty string.

[refriedfood]

That makes sense, because if I add 127.0.0.1 googlesyndication.com to my hosts file it gives the same adblock message with addons completely disabled. I'm not sure what ublock could do about it. If you use NoScript, this will also block the address by default.

[x8009]

From my messing around with it, it is enough to do this:

msedge.2024-02-01.20.47.36.mp4 It's the line that follows window['addEventListener'](_0x28a01d(0x75), _0x592092, !![]);, not sure how regexable that is and they will probably obscure it even further but that function is the general adblock checker function, and the thing I copy-pasted is the callback for it, calling it with false passes the adblock check as and a return is added to not run the rest of the code in the function.

For reference, the actual JS doesn't change much, I even have a deobfuscated version that I use myself. You can override it statically and the site will keep working until they mess with the backend, too, and the site has stayed the same for so long I doubt that will happen.

A breakdown of the check code: The code checks for ad blockers primarily through the scriptElement.onload and scriptElement.onerror events of the dynamically created script element. Here's a breakdown of how it does so:

1. Script Loading Check: The script from the URL ('https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5229246569891964') is dynamically created and inserted into the <head> of the document.
2. Error Event: The scriptElement.onerror function is set up. If the script fails to load (which can happen if an ad blocker prevents the script from being fetched), this event triggers the callback with true, indicating an ad blocker is present.

3. Onload Event and Content Verification: Once the script is successfully loaded, the scriptElement.onload event is triggered. Inside this event:

   • Check window.adsbygoogle: It first checks if window.adsbygoogle is undefined. If it's undefined, this might indicate that the script didn't load correctly, possibly due to an ad blocker, and it calls the callback with true.

   • HTTP Request for Script Content: A new XMLHttpRequest is made to the ad script URL. This is a more direct way to check if the script's content is accessible and unaltered.

     • Readiness and Status Check: It checks if the request's readyState is 4 (request finished and response is ready) and then does several things:

     • If the responseText is empty, it means the script content couldn't be fetched, possibly due to an ad blocker, so it calls the callback with true.

     • It tries to execute the script content using new Function(xhr.responseText). If this fails (caught by a try-catch block), it's a sign that the script might have been tampered with (e.g., by an ad blocker), and it calls the callback with true.

     • It checks the HTTP status. If the status is between 200 and 299 or equals 0 (indicating success or local files), it proceeds to content analysis.

       • Content Analysis: It looks for specific strings in the response text ("ublock" and "height:1px"). These strings are indicators that might be used by ad blockers to alter the script's content. If these strings are found, it implies an ad blocker is active, and it calls the callback with true.
       • If none of the above conditions are met, it calls the callback with false, indicating no ad blocker was detected.
4. Final Outcome: Depending on whether the callback receives true (ad blocker detected) or false (no ad blocker detected), different actions are taken. If an ad blocker is detected, a modal is displayed, and certain elements of the page are removed. If no ad blocker is detected, it simply removes a specific event listener.

Hi, so what do I need to do? I'm far from knowing even a single thing you know about how those things work. How can I bypass that? I don't know what in the video, I go to Developer mode and to appj and edit it there?

[x8009]

The Ad block notification doesn't show now with adblock On, but it doesn't let us search, the search or nothing else work. can be fixed? if ublock is off the ad block notification pop up

[ItsProfessional]

Works fine on both chromium and firefox

[x8009]

Works fine on both chromium and firefox

I see, if I have it like this, everything works, if everything selected it doesn't work or if some of them selected I get the ad block notification how can we fix it so everything can be enabled? if QuickFixes ( I see the site with fix there) then the search doesn't work. This is on edge windows 11

Something in the code blocking the search option in the site, blocking the javascript or something, I have not a single idea why

[D4niloMR]

@x8009 On the site: 🛡️ uBO's icon > 💬 Report > Click "Troubleshooting information" > Select all > Copy > Share it.

[x8009]

@x8009 On the site: 🛡️ uBO's icon > 💬 Report > Click "Troubleshooting information" > Select all > Copy > Share it.

uBlock Origin: 1.55.0
Chromium: 121
filterset (summary):
 network: 354587
 cosmetic: 185246
 scriptlet: 49354
 html: 0
listset (total-discarded, last-updated):
 added:
  https://cdn.jsdelivr.net/gh/bogachenko/fuckfuckadblock/fuckfuckadblock.txt: 0-0, now
  https://filters.adtidy.org/extension/ublock/filters/14.txt: 77077-128, now
  https://malware-filter.gitlab.io/pup-filter/pup-filter.txt: 189-0, now
  https://raw.githubusercontent.com/Yhonay/antipopads/master/popads.txt: 755-0, now
  https://winhelp2002.mvps.org/hosts.txt: 8729-1, now
  CHN-0: 25818-143, now
  ISR-0: 1773-0, now
  RUS-0: 39935-431, 9m Δ
  adguard-generic: 82616-721, now
  adguard-spyware: 94460-1574, now
  adguard-spyware-url: 1440-5, now
  block-lan: 56-0, now
  [2 lists not shown]: [too many]
 default:
  user-filters: 3-0, never
  easylist: 80565-2069, 9m Δ
  easyprivacy: 50146-32515, 9m Δ
  plowe-0: 3783-1513, now
  ublock-badware: 7854-333, 9m Δ
  ublock-filters: 37159-3911, now
  ublock-privacy: 998-415, 9m Δ
  ublock-quick-fixes: 200-4, now
  ublock-unbreak: 2207-149, 9m Δ
  urlhaus-1: 7180-0, now
filterset (user): [array of 4 redacted]
trustedset:
 added: [array of 41 redacted]
switchRuleset:
 added: [array of 1 redacted]
hostRuleset:
 added: [array of 36 redacted]
userSettings:
 advancedUserEnabled: true
 suspendUntilListsAreLoaded: true
hiddenSettings: [none]
supportStats:
 allReadyAfter: 445 ms (selfie)
 maxAssetCacheWait: 280 ms
 cacheBackend: browser.storage.local
popupPanel:
 blocked: 2
 network:
  googletagmanager.com: 1
  kaspersky-labs.com: 1
 extended:
  ##+js(set-constant, adsbygoogle, {})
  ##+js(abort-on-property-write, DetectByGoogleAd)
  ##+js(addEventListener-defuser, /^(contextmenu|keydown)$/)
  ##+js(set-constant, HTMLScriptElement.prototype.onerror, noopFun…
  ##+js(addEventListener-defuser, error)

[Adiker]

I can confirm searching on the site doesn't work with Chromium, oddly enough site works just fine with uBO and the same filter list on Firefox.

[stephenhawk8054]

Searching works fine for me on chromium

[refriedfood]

Searching works fine for me on chromium

Block googlesyndication.com, then report back.

[stephenhawk8054]

Searching works fine for me on chromium

Block googlesyndication.com, then report back.

Blocking it will trigger anti-adb/intentional breakages

[ItsProfessional]

@x8009 You have quite a customized configuration of uBO. Reset uBO to defaults, remove all other extensions, disable any DNS blocking, and test again.

[refriedfood]

Searching works fine for me on chromium

Block googlesyndication.com, then report back.

Blocking it will trigger anti-adb/intentional breakages

Well, that's the point. You're allowing the adserver connection, that's why it's working... and that's the only way you're going to get it to work.

[stephenhawk8054]

Searching works fine for me on chromium

Block googlesyndication.com, then report back.

Blocking it will trigger anti-adb/intentional breakages

Well, that's the point. You're allowing the adserver connection, that's why it's working... and that's the only way you're going to get it to work.

Yes, currently that's the only way on chromium. If anyone blocks it and complains why the site doesn't work, then we don't know how to help further. If anyone has a better solution, you can PR to the filter lists. Thank you.

[refriedfood]

@stephenhawk8054 I don't follow. Your response doesn't make any sense.

You must allow/whitelist that adserver in order to allow that website to function--on any browser that uses ublock. That's it. That's already been established.

[stephenhawk8054]

Yes I know. I just don't understand why there's Block googlesyndication.com, then report back.

[refriedfood]

Yes I know. I just don't understand why there's Block googlesyndication.com, then report back.

Because you stated "Searching works fine for me on chromium", which it doesn't without allowing that adserver. The response I made was for you, and I believe there is a disconnect here. There is no sense in saying something worked when you're allowing an adserver, when the purpose of uBlock is to block ads. The only alternative to this, is if somehow uBlock updated to bypass this adserver problem, which they have not. So "Searching works fine for me on chromium" doesn't mean anything, update, or add to potential solutions.

[stephenhawk8054]

Well, as I said, there's not any other solutions for it. When we said the site works fine, it means it works fine with uBO's default settings. Whatever additional settings you modify/add via uBO or other methods, we cannot help more in those situations.

If you don't like current solutions, please help us by providing other solutions.

---

I won't pariticipate in this any more. Other volunteers could help solve this.

[iGerman00]

The search is still non-functional for me on Chromium (Edge). Just before testing I forced an update to all uBlock filters.

uBlock Origin: 1.55.0
Chromium: 123
filterset (summary):
 network: 144816
 cosmetic: 143299
 scriptlet: 26825
 html: 0
listset (total-discarded, last-updated):
 added:
  POL-0: 8688-9, 17h.53m
  POL-2: 1280-14, 23h.54m
  RUS-0: 39949-12, 1h.54m Δ
  easylist-newsletters: 6936-10, 3d.8h.34m
  easylist-notifications: 2931-36, 3d.8h.34m
  fanboy-cookiemonster: 49996-199, 18h.53m
  fanboy-social: 16103-14, 5d.18h.30m
  ublock-cookies-easylist: 928-3, 3d.8h.34m
 default:
  user-filters: 0-0, never
  easylist: 80693-64, 2h.54m Δ
  easyprivacy: 50194-181, 2h.54m Δ
  plowe-0: 3786-1194, 12d.20h.36m
  ublock-badware: 7846-140, 2m
  ublock-filters: 37230-423, 2m
  ublock-privacy: 998-8, 2m
  ublock-quick-fixes: 264-24, 2m
  ublock-unbreak: 2212-34, 2m
  urlhaus-1: 7430-0, 17h.53m
filterset (user): [empty]
trustedset:
 added: [array of 8 redacted]
userSettings: [none]
hiddenSettings: [none]
supportStats:
 allReadyAfter: 1376 ms (selfie)
 maxAssetCacheWait: 665 ms
 cacheBackend: browser.storage.local
popupPanel:
 blocked: 1
 network:
  googletagmanager.com: 1
 extended:
  ##[id^="ads_"]
  ##+js(set-constant, HTMLScriptElement.prototype.onerror, noopFun…
  ##+js(addEventListener-defuser, error)

[ItsProfessional]

@iGerman00 Remove ALL other extensions, disable any network wide blocking or hosts file, and test again.

[iGerman00]

@iGerman00 Remove ALL other extensions, disable any network wide blocking or hosts file, and test again.

The entire reason for me coming into this thread was because I have a network-wide block that triggers the check. I generally expect it to compliment browser ad blockers, not interfere with them. Disabling it does fix it, but that, pardon the language, sucks to do. Is there no way to patch the check out entirely like I showed in the thread? Although that is marked as outdated now, it still seems to rely on whether or not the ad script fails to load. No way to return, like, a fake 200 request status to it? I'm not too familiar with how capable uBo's platform is.

[ItsProfessional]

The entire reason for me coming into this thread was because I have a network-wide block that triggers the check. I generally expect it to compliment browser ad blockers, not interfere with them.

Don't use network wide blocking along with uBO. uBO already contains most of the domains your usual network-wide blocker's list contains. You can leave your network-wide blocking on for other devices, but disable it for your computer on which you use uBO.

Using any other content blocking mechanism along with uBO has a 11/10 chance of causing more harm than good. See this pre-requisite:

• [ ] I have verified that the web browser's built-in blocker or DNS blocking (standalone or through a VPN) is not causing the issue.

---

No way to return, like, a fake 200 request status to it? I'm not too familiar with how capable uBo's platform is.

The reason we whitelist the adserver is because it's the easiest and simplest solution.

[x8009]

I disabled everything expect the Ublock standard blocking and it still doesn't work.. I disabled Ghostery and Tampermonkey and that's all I have. the only the way I have it with Ublock QuickFix and Ublock Ads disabled it works perfect

Enabling the Ublock ADS shows the Ad Block pop up Enabling the Ublock QuickFix disable the search ability

@x8009 You have quite a customized configuration of uBO. Reset uBO to defaults, remove all other extensions, disable any DNS blocking, and test again.

I don't use any DNS expect 1.1.1.1

uBlock Origin: 1.55.0
Chromium: 121
filterset (summary):
 network: 16557
 cosmetic: 11457
 scriptlet: 20444
 html: 0
listset (total-discarded, last-updated):
 removed:
  easylist: null
  easyprivacy: null
  plowe-0: null
  urlhaus-1: null
 default:
  user-filters: 3-0, never
  ublock-badware: 7845-14, now
  ublock-filters: 37285-102, 1m
  ublock-privacy: 999-0, now
  ublock-quick-fixes: 266-24, 1m
  ublock-unbreak: 2213-2, now
filterset (user): [array of 4 redacted]
trustedset:
 added: [array of 42 redacted]
switchRuleset:
 added: [array of 1 redacted]
hostRuleset:
 added: [array of 36 redacted]
userSettings:
 advancedUserEnabled: true
 suspendUntilListsAreLoaded: true
hiddenSettings: [none]
supportStats:
 allReadyAfter: 325 ms (selfie)
 maxAssetCacheWait: 197 ms
 cacheBackend: browser.storage.local
popupPanel:
 blocked: 1
 network:
  googletagmanager.com: 1
 extended:
  ##+js(set-constant, HTMLScriptElement.prototype.onerror, noopFun…
  ##+js(addEventListener-defuser, error)

[TMan-21]

Problem still persists after doing everything

uBlock Origin: 1.56.0 Chromium: 121 filterset (summary): network: 125431 cosmetic: 45621 scriptlet: 20294 html: 0 listset (total-discarded, last-updated): removed: user-filters: null default: easylist: 81761-13, 2m Δ easyprivacy: 50277-6, 25m plowe-0: 3782-1186, 25m ublock-badware: 8002-142, 25m ublock-filters: 37376-399, never ublock-privacy: 744-6, 25m ublock-quick-fixes: 126-1, 2m Δ ublock-unbreak: 2223-32, 2m Δ urlhaus-1: 8990-0, 25m filterset (user): [empty] userSettings: [none] hiddenSettings: [none] supportStats: allReadyAfter: 157 ms (selfie) maxAssetCacheWait: 71 ms cacheBackend: browser.storage.local

[liamengland1]

The site is dead and the filters can be removed