There's a certain company website I've been in the habit of checking
for years; it's at www.rpc.co.uk.

Suddenly I'm getting an error page, containing the following HTML code:

<title>Microsoft</title></head><body><div id='content'><div
id='message'><h2>The request is blocked.</h2></div><div
id='errorref'><span>052jLZAAAAAAYvQitkB6eSZ9V5h75kRr+TE9OMjFFREdFMTcyMABmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=</span></div></div></body></html>

I can't get round it even by disabling NoScript completely. Any ideas?
I'm using 112.0.2 under Linux Mint.

On Thu, 3 Aug 2023 09:49:44 +0100, Handsome Jack wrote:

> There's a certain company website I've been in the habit of checking
> for years; it's at www.rpc.co.uk.
>
> Suddenly I'm getting an error page, containing the following HTML code:
>
> <title>Microsoft</title></head><body><div id='content'><div
> id='message'><h2>The request is blocked.</h2></div><div
> id='errorref'><span>052jLZAAAAAAYvQitkB6eSZ9V5h75kRr+TE9OMjFFREdFMTcyMABmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=</span></div></div></body></html>
>
> I can't get round it even by disabling NoScript completely. Any ideas?
> I'm using 112.0.2 under Linux Mint.

ISTM The site is choosing to block Linux, using simple user-agent sniffing
to identify Linux. Change your user-agent to say Windows 10 Pro and the
site should work.

Testing:

1. The site works for me with Firefox 116.0 on Windows 10 Pro.

2. With Firefox 115.0.2 on Linux Mint 21.2, the site blocks me with much
the same message.

3. In Firefox on Linux Mint I set general.useragent.override to pretend to
be Firefox 115.0.2 on Windows 10 Pro, cleared cookies, and tried again.
This time the site worked.

Conclusion:
The site is choosing to block Linux, using simple user-agent sniffing to
identify Linux.
The same Firefox version (115.0.2) was blocked or allowed depending on
the OS in the user-agent string.

--
Kind regards
Ralph
🦊

On Thu, 03 Aug 2023 22:33:34 +1200
Ralph Fox <-rf-nz-@-.invalid> wrote:

> On Thu, 3 Aug 2023 09:49:44 +0100, Handsome Jack wrote:
>
> > There's a certain company website I've been in the habit of checking
> > for years; it's at www.rpc.co.uk.
> >
> > Suddenly I'm getting an error page, containing the following HTML
> > code:
> >
> > <title>Microsoft</title></head><body><div id='content'><div
> > id='message'><h2>The request is blocked.</h2></div><div
> > id='errorref'><span>052jLZAAAAAAYvQitkB6eSZ9V5h75kRr+TE9OMjFFREdFMTcyMABmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=</span></div></div></body></html>
> >
> >
> > I can't get round it even by disabling NoScript completely. Any
> > ideas? I'm using 112.0.2 under Linux Mint.
>
>
> ISTM The site is choosing to block Linux, using simple user-agent
> sniffing to identify Linux.

What an extraordinary thing to do. Why would they do that? It's a law
firm, for god's sake.

> Change your user-agent to say Windows 10
> Pro and the site should work.

Yes, putting Windows 10 Pro into that entry in about:config seems to
work. Thanks. Let's hope there are no websites that block Windows
clients.

>
> Testing:
>
> 1. The site works for me with Firefox 116.0 on Windows 10 Pro.
>
> 2. With Firefox 115.0.2 on Linux Mint 21.2, the site blocks me with
> much the same message.
>
> 3. In Firefox on Linux Mint I set general.useragent.override to
> pretend to be Firefox 115.0.2 on Windows 10 Pro, cleared cookies, and
> tried again. This time the site worked.
>
> Conclusion:
> The site is choosing to block Linux, using simple user-agent
> sniffing to identify Linux.
> The same Firefox version (115.0.2) was blocked or allowed
> depending on the OS in the user-agent string.
>
>

On 03/08/2023 11:33, Ralph Fox wrote:
> On Thu, 3 Aug 2023 09:49:44 +0100, Handsome Jack wrote:
>
>> There's a certain company website I've been in the habit of checking
>> for years; it's at www.rpc.co.uk.
>>
>> Suddenly I'm getting an error page, containing the following HTML code:
>>
>> <title>Microsoft</title></head><body><div id='content'><div
>> id='message'><h2>The request is blocked.</h2></div><div
>> id='errorref'><span>052jLZAAAAAAYvQitkB6eSZ9V5h75kRr+TE9OMjFFREdFMTcyMABmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=</span></div></div></body></html>
>>
>> I can't get round it even by disabling NoScript completely. Any ideas?
>> I'm using 112.0.2 under Linux Mint.
>
>
> ISTM The site is choosing to block Linux, using simple user-agent sniffing
> to identify Linux. Change your user-agent to say Windows 10 Pro and the
> site should work.
>
> Testing:
>
> 1. The site works for me with Firefox 116.0 on Windows 10 Pro.
>
> 2. With Firefox 115.0.2 on Linux Mint 21.2, the site blocks me with much
> the same message.
>
> 3. In Firefox on Linux Mint I set general.useragent.override to pretend to
> be Firefox 115.0.2 on Windows 10 Pro, cleared cookies, and tried again.
> This time the site worked.
>
> Conclusion:
> The site is choosing to block Linux, using simple user-agent sniffing to
> identify Linux.
> The same Firefox version (115.0.2) was blocked or allowed depending on
> the OS in the user-agent string.
>
>

Works fine for me:
Slackware Current 64-bit
Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
SeaMonkey/2.53.17

--

Chris Elvidge, England
THE GOOD HUMOR MAN CAN ONLY BE PUSHED SO FAR

On Thu, 2023-08-03 at 22:33 +1200, Ralph Fox wrote:
> On Thu, 3 Aug 2023 09:49:44 +0100, Handsome Jack wrote:
>
> > There's a certain company website I've been in the habit of
> > checking
> > for years; it's at www.rpc.co.uk.
> >
> > Suddenly I'm getting an error page, containing the following HTML
> > code:
> >
> > <title>Microsoft</title></head><body><div id='content'><div
> > id='message'><h2>The request is blocked.</h2></div><div
> > id='errorref'><span>052jLZAAAAAAYvQitkB6eSZ9V5h75kRr+TE9OMjFFREdFMT
> > cyMABmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=</span></div>
> > </div></body></html>
> >
> > I can't get round it even by disabling NoScript completely. Any
> > ideas?
> > I'm using 112.0.2 under Linux Mint.
>
>
> ISTM The site is choosing to block Linux, using simple user-agent
> sniffing
> to identify Linux.  Change your user-agent to say Windows 10 Pro and
> the
> site should work.
>
> Testing:
>
> 1.  The site works for me with Firefox 116.0 on Windows 10 Pro.
>
> 2.  With Firefox 115.0.2 on Linux Mint 21.2, the site blocks me with
> much
>     the same message.
>
> 3.  In Firefox on Linux Mint I set general.useragent.override to
> pretend to
>     be Firefox 115.0.2 on Windows 10 Pro, cleared cookies, and tried
> again.
>     This time the site worked.
>
> Conclusion: 
>     The site is choosing to block Linux, using simple user-agent
> sniffing to
>     identify Linux.
>     The same Firefox version (115.0.2) was blocked or allowed
> depending on
>     the OS in the user-agent string.
>
>
Linux Debian user here. I can access said site via both Firefox
102.13.0esr and Vivaldi 6.1.3035.204. Doesn't look like a simple Linux
block. No user agent overrides in place here.

Chris.

"Handsome Jack" <nobody@nowhere.org> wrote

| There's a certain company website I've been in the habit of checking
| for years; it's at www.rpc.co.uk.
|

You routinely check a website for legal services? It sounds
like you have bigger problems than browsers. :)

| <title>Microsoft</title></head><body><div id='content'><div
| id='message'><h2>The request is blocked.</h2></div><div

The page
has a fair amount of spyware, including google analytics
and googletagmanager (visitor tracking and ad management
respectively). But it also has both script and web bug code to
linkedin and licdn.com (also linkedin). That code seems to be
somehow checking with linkedin for a profile, or maybe trying to
tag you with their "linkedin partner ID". That could be the culprit,
since you said Microsoft is popping up the message. It might also
make sense insofar as that white collar "prestige" workers, such
as lawyers, seem to be the primary suckers for linkedin.

There's also an oddball iframe from yoshki.com. Sounds
Japanese, right? No. It's from Evesham Solutions in England,
a company that manages websites. In short, there's a lot of
funny business on that webpage.

The page is no problem for me, but I generally don't allow
any script, so there's no way to pop up an "error". And I have
linkedin in my HOSTS file, since they've long been known for
being a spyware operation.

You mentioned disabling NoScript. But if you have NoScript
then why were you able to see a script-fired message in the
first place? NoScript isn't much good if you're going to set
oodles of defaults where script can run. (If you haven't done
that, check the settings. NoScript has been sneaking in
a long list of pre-approved script sources. I disable pretty much
all of them.)

There does seem to be something about NoScript, though, too.
I haven't figured it out, but not long ago I started a Starz
subscription. It worked fine if I allowed only a couple of script
sources from Starz itself. Last week it suddenly acted up. On my
Chromium on Raspberry Pi the login was stuck on "Verifying...".
On Win7 FF it was also stuck. With unGoogled Chromium I get a
message that my browser is out of date... I finally got it to work
in FF by disabling the NoScript plugin before loading the page... I've
since cancelled my subscription. Starz runs script from "everyone
and his brother", allowing Google, Apple and others to track
viewers. But I still don't know exactly what mechanism they were
using to block me out. I was only disabling script from irrelevant
spyware companies. What especially bugs me is the lying. They're
blocking my access but won't explain why. They just pretend it's
a browser problem.

On Thu, 3 Aug 2023 08:56:32 -0400
"Newyana2" <Newyana2@invalid.nospam> wrote:

> "Handsome Jack" <nobody@nowhere.org> wrote
>
> | There's a certain company website I've been in the habit of checking
> | for years; it's at www.rpc.co.uk.
> |
>
> You routinely check a website for legal services? It sounds
> like you have bigger problems than browsers. :)
>
>
> | <title>Microsoft</title></head><body><div id='content'><div
> | id='message'><h2>The request is blocked.</h2></div><div
>
> The page
> has a fair amount of spyware, including google analytics
> and googletagmanager (visitor tracking and ad management
> respectively).

A large number of corporate websites do, and yet I can still see them.

> But it also has both script and web bug code to
> linkedin and licdn.com (also linkedin). That code seems to be
> somehow checking with linkedin for a profile, or maybe trying to
> tag you with their "linkedin partner ID". That could be the culprit,
> since you said Microsoft is popping up the message. It might also
> make sense insofar as that white collar "prestige" workers, such
> as lawyers, seem to be the primary suckers for linkedin.

The question is, why does it block *my* browser and not (some) others?
The site owners don't know what colour collar I wear.
> There's also an oddball iframe from yoshki.com. Sounds
> Japanese, right? No. It's from Evesham Solutions in England,
> a company that manages websites. In short, there's a lot of
> funny business on that webpage.
>
> The page is no problem for me,

You mean it shows up all right? What browser?

> but I generally don't allow
> any script, so there's no way to pop up an "error".

Don't you ever get 404 and 403 errors? You don't need to run scripts to
show those.

> And I have
> linkedin in my HOSTS file, since they've long been known for
> being a spyware operation.
>
> You mentioned disabling NoScript. But if you have NoScript
> then why were you able to see a script-fired message in the
> first place?

I don't know. Why do you think the message is "script-fired"?

> NoScript isn't much good if you're going to set
> oodles of defaults where script can run. (If you haven't done
> that, check the settings. NoScript has been sneaking in
> a long list of pre-approved script sources. I disable pretty much
> all of them.)

I do allow script to run on sites where (i) it needs to run in order
to show me the content and (ii) I know the site owner to be kosher.
Otherwise they get the default no-script treatment (and I have
de-approved some of the pre-approved ones).

>
> There does seem to be something about NoScript, though, too.
> I haven't figured it out, but not long ago I started a Starz
> subscription. It worked fine if I allowed only a couple of script
> sources from Starz itself. Last week it suddenly acted up. On my
> Chromium on Raspberry Pi the login was stuck on "Verifying...".
> On Win7 FF it was also stuck. With unGoogled Chromium I get a
> message that my browser is out of date... I finally got it to work
> in FF by disabling the NoScript plugin before loading the page...

Yes, I sometimes have to do that. Temporarily.

On 8/3/2023 1:49 AM, Handsome Jack wrote:
> There's a certain company website I've been in the habit of checking
> for years; it's at www.rpc.co.uk.
>
> Suddenly I'm getting an error page, containing the following HTML code:
>
> <title>Microsoft</title></head><body><div id='content'><div
> id='message'><h2>The request is blocked.</h2></div><div
> id='errorref'><span>052jLZAAAAAAYvQitkB6eSZ9V5h75kRr+TE9OMjFFREdFMTcyMABmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=</span></div></div></body></html>
>
> I can't get round it even by disabling NoScript completely. Any ideas?
> I'm using 112.0.2 under Linux Mint.
>

Windows 7
SeaMonkey 2.53.16 with "Advertise Firefox compatibility" disabled
uBlock Origin 1.16.4.30

No problem with the page at <http://www.rpc.co.uk/>.

--
David E. Ross
<http://www.rossde.com/>

Is it possible that a Republican agent planted the
cocaine in the White House in an attempt to discredit
President Biden?

"Handsome Jack" <nobody@nowhere.org> wrote in message
| | > But it also has both script and web bug code to
| > linkedin and licdn.com (also linkedin). That code seems to be
| > somehow checking with linkedin for a profile, or maybe trying to
| > tag you with their "linkedin partner ID". That could be the culprit,
| > since you said Microsoft is popping up the message. It might also
| > make sense insofar as that white collar "prestige" workers, such
| > as lawyers, seem to be the primary suckers for linkedin.
| | The question is, why does it block *my* browser and not (some) others?
| The site owners don't know what colour collar I wear.
| I'm just listing what I could find. There's a possibility
that either linkedin doesn't like you, or they're unable to
ID you. Just guessing.

| > The page is no problem for me,
| | You mean it shows up all right? What browser?
|

Seems to look fine. In fact, it works surprisingly well
considering that I block all script and block Google
properties, as well as linkedin, via HOSTS file. Many
sites don't work nearly so well without script, but on
this site the menu links work, the images load... there's
just some minor layout trouble. For instance, the
"Apply Now" block on the Careers page is extremely
narrow. And the background image on the landing page
was done wrong. It's a cityscape image that's repeating
in the lower quarter of the image. Very odd.

Right now I'm on XP, with FF and New Moon. FF52. Both
have NoScript. Both are spoofing the userAgent as current
FF. I avoid all things Google, so I don't have Chrome here.
I also don't allow Microsoft browsers online, so I haven't
seen an online page in IE or Edge for decades. I generally
only use FF variants.

| > but I generally don't allow
| > any script, so there's no way to pop up an "error".
| | Don't you ever get 404 and 403 errors? You don't need to run scripts to
| show those.
|

Sure I get those, but they're just generic server responses.
404 is just saying there's no such page. A 403 typically just says
"403 Forbidden". You seem to be getting some kind of custom
message from MS, which is what made me think of linkedin.

Here's an example of a page where I consistently get a 403:
https://winaerotweaker.com/download/

I don't know why. Maybe it's because I block the referrer?
I find a 403 is not unusual. And sometimes it's a server glitch,
working OK later.

One of the most consistent problems for me is homedepot
and lowes. With both it sometimes works and sometimes not.
Especially with internal links, I sometimes get a page that says
"You don't have access" and seems to be generated by server-
side software dynamically. But it doesn't always happen. Both
companies seem to be using the same faulty coding.

| > You mentioned disabling NoScript. But if you have NoScript
| > then why were you able to see a script-fired message in the
| > first place?
| | I don't know. Why do you think the message is "script-fired"?
| It's possible that it's not. I'm just guessing because I have
no trouble with the page and because there's not much a page
can do actively that doesn't require script. With no script they
can check referrer, userAgent, IP, but not much else. They could
run code serverside to block browsers with no referrer, or they
could choose to block from certain countries, for example. But
anything like calling in Linkedin operations will require script.

They can't even check whether script has run unless they
have some script running. That's why media companies have so
much trouble. For example, I have no trouble reading NYTimes
articles with no script, while people allowing script are usually
sent to a login page. I used to have trouble reading forbes.com.
Looking at their code I discovered there's a newish trend of actually
putting the entire webpage code inside of script. No script, no
webpage! Other sites will put an opaque DIV on top of the whole page
that's only removed by script. So I see blank white or black and
have to toggle CSS to see the page.

So I have trouble with sites that try to foil people blocking script.
But since I normally don't allow ANY script, there's nothing that
sites can do to track me or investigate such things as installed
fonts, location, screen size, and so on. Similarly, they can't check
whether I use an adblocker unless I allow script.

It's also possible that the error you saw was a temporary server
glitch. I got curious and did a search. I came across links like
this:
https://www.excelforum.com/excel-programming-vba-macros/1376640-context-sensitive-help-now-goes-to-the-request-is-blocked-page.html

It seems that the message happens on MS servers and it can be
finicky, requiring just the right config. One site talking about
setting up Azure services suggested deleting all cookies. I don't
know if any of the will help, but it does sound like this could be
merely serverside confusion. Notice that at the link above, the
person having the trouble found that it stopped later.

On Thu, 3 Aug 2023 13:23:13 -0400
"Newyana2" <Newyana2@invalid.nospam> wrote:

> "Handsome Jack" <nobody@nowhere.org> wrote in message
> |
> | > But it also has both script and web bug code to
> | > linkedin and licdn.com (also linkedin). That code seems to be
> | > somehow checking with linkedin for a profile, or maybe trying to
> | > tag you with their "linkedin partner ID". That could be the
> culprit, | > since you said Microsoft is popping up the message. It
> might also | > make sense insofar as that white collar "prestige"
> workers, such | > as lawyers, seem to be the primary suckers for
> linkedin. |
> | The question is, why does it block *my* browser and not (some)
> others? | The site owners don't know what colour collar I wear.
> |
> I'm just listing what I could find. There's a possibility
> that either linkedin doesn't like you, or they're unable to
> ID you. Just guessing.

But when I switch the general.useragent.override string back to default
blank again, the server shuts me out with almost the same message
(except that now the page title is no longer "Microsoft" but "Service
unavailable"). So it doesn't seem to be anything to do with linkedin or
Google. It seems to be a setting on the server that says "We don't like
this kind of browser".

I have to admit that I have no idea how scripts and code on web pages
works, so I am just guessing here. I do not understand most of what you
wrote in this post.

>
> | > The page is no problem for me,
> |
> | You mean it shows up all right? What browser?
> |
>
> Seems to look fine. In fact, it works surprisingly well
> considering that I block all script and block Google
> properties, as well as linkedin, via HOSTS file. Many
> sites don't work nearly so well without script, but on
> this site the menu links work, the images load... there's
> just some minor layout trouble. For instance, the
> "Apply Now" block on the Careers page is extremely
> narrow. And the background image on the landing page
> was done wrong. It's a cityscape image that's repeating
> in the lower quarter of the image. Very odd.

I don't get any of that when I alter my browser settings to Windows 10
to make the page get delivered. The page looks just like it always used
to look before this issue arose.

>
> Right now I'm on XP, with FF and New Moon. FF52. Both
> have NoScript. Both are spoofing the userAgent as current
> FF. I avoid all things Google, so I don't have Chrome here.
> I also don't allow Microsoft browsers online, so I haven't
> seen an online page in IE or Edge for decades. I generally
> only use FF variants.
>
> | > but I generally don't allow
> | > any script, so there's no way to pop up an "error".
> |
> | Don't you ever get 404 and 403 errors? You don't need to run
> scripts to | show those.
> |
>
> Sure I get those, but they're just generic server responses.
> 404 is just saying there's no such page. A 403 typically just says
> "403 Forbidden". You seem to be getting some kind of custom
> message from MS, which is what made me think of linkedin.
>
> Here's an example of a page where I consistently get a 403:
> https://winaerotweaker.com/download/
>
> I don't know why. Maybe it's because I block the referrer?
> I find a 403 is not unusual. And sometimes it's a server glitch,
> working OK later.
>
> One of the most consistent problems for me is homedepot
> and lowes. With both it sometimes works and sometimes not.
> Especially with internal links, I sometimes get a page that says
> "You don't have access" and seems to be generated by server-
> side software dynamically. But it doesn't always happen. Both
> companies seem to be using the same faulty coding.
>
> | > You mentioned disabling NoScript. But if you have NoScript
> | > then why were you able to see a script-fired message in the
> | > first place?
> |
> | I don't know. Why do you think the message is "script-fired"?
> |
> It's possible that it's not. I'm just guessing because I have
> no trouble with the page and because there's not much a page
> can do actively that doesn't require script. With no script they
> can check referrer, userAgent, IP, but not much else. They could
> run code serverside to block browsers with no referrer, or they
> could choose to block from certain countries, for example. But
> anything like calling in Linkedin operations will require script.

For me, it didn't matter whether scripts were turned on or
off. In either case, the page was blocked if I had useragent.override
left blank; and in either case it was delivered if I spoofed
useragent.override with "Windows 10 Pro". Although the page does load
very slowly.

Incidentally, it turns out that putting in "Windows Edge" or "Windows is Rubbish" also work. So
does "Firefox for Linux". It's only when you leave that parameter blank that it doesn't load.

>
> They can't even check whether script has run unless they
> have some script running. That's why media companies have so
> much trouble. For example, I have no trouble reading NYTimes
> articles with no script, while people allowing script are usually
> sent to a login page. I used to have trouble reading forbes.com.
> Looking at their code I discovered there's a newish trend of actually
> putting the entire webpage code inside of script. No script, no
> webpage!

The Forbes website is proverbially awful, possibly the worst ever
designed, though there are a few people who think there are
worse ones.

> Other sites will put an opaque DIV on top of the whole page
> that's only removed by script. So I see blank white or black and
> have to toggle CSS to see the page.
>
> So I have trouble with sites that try to foil people blocking
> script. But since I normally don't allow ANY script, there's nothing
> that sites can do to track me or investigate such things as installed
> fonts, location, screen size, and so on. Similarly, they can't check
> whether I use an adblocker unless I allow script.
>
> It's also possible that the error you saw was a temporary server
> glitch.

No, it's not temporary. I just tried it again, toggling the
useragent.override setting on and off. I got the "Service
unavailable" error with it off, and I got the web page proper with it
set to "Windows 10 Pro" as Ralph suggested.

> I got curious and did a search. I came across links like
> this:
> https://www.excelforum.com/excel-programming-vba-macros/1376640-context-sensitive-help-now-goes-to-the-request-is-blocked-page.html
>
> It seems that the message happens on MS servers and it can be
> finicky, requiring just the right config. One site talking about
> setting up Azure services suggested deleting all cookies. I don't
> know if any of the will help, but it does sound like this could be
> merely serverside confusion. Notice that at the link above, the
> person having the trouble found that it stopped later.
>

The people on that thread never found out what was going on either.

On Thu, 3 Aug 2023 12:32:26 +0100, Chris Elvidge wrote:

> Works fine for me:
> Slackware Current 64-bit
> Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0 SeaMonkey/2.53.17

The version number also makes a difference.

These work here:
        Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
        Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0 SeaMonkey/2.53.17

These are blocked here:
        Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0
        Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0 SeaMonkey/2.53.17

Try it again after increasing the version numbers to show Firefox 109.
In about:config, for example,

general.useragent.override = "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0 SeaMonkey/2.53.17"

--
Kind regards
Ralph
🦊

On Thu, 03 Aug 2023 12:44:32 +0100, Chris Ramsden wrote:

> Linux Debian user here. I can access said site via both Firefox
> 102.13.0esr and Vivaldi 6.1.3035.204. Doesn't look like a simple Linux
> block. No user agent overrides in place here.

The version number also makes a difference.

Here, it blocks Firefox version 109 on Linux but not Firefox version 108 or lower.

--
Kind regards
Ralph
🦊

David E. Ross wrote:
> Windows 7
> SeaMonkey 2.53.16 with "Advertise Firefox compatibility" disabled
> uBlock Origin 1.16.4.30
>
> No problem with the page at<http://www.rpc.co.uk/>.

Win 10, Seamonkey 2.53.18, Advertise Compatibility enabled, and
uBlockOrigin 1.16.4.30, and NoScript 5.1.9.

Even with all the scripting blocked, I'm not having any problems. I
also reset the User-Agent string to Mozilla/5.0 (X11; Linux x86_64;
rv:60.0) Gecko/20100101 Firefox/60.0 SeaMonkey/2.53.14 and no problems
there, either. I haven't tried on a true Linux setup.

I'm going to suggest to OP that it might be worth clearing the cache and
cookies in Firefox.

Smith

On Thu, 3 Aug 2023 08:56:32 -0400, Newyana2 wrote:
> "Handsome Jack" <nobody@nowhere.org> wrote

> | Suddenly I'm getting an error page, containing the following HTML code:
> |
> | <title>Microsoft</title></head><body><div id='content'><div
> | id='message'><h2>The request is blocked.</h2></div><div
> | id='errorref'><span>052jLZAAAAAAYvQitkB6eSZ9V5h75kRr+TE9OMjFFREdFMTcyMABmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=</span></div></div></body></html>
>
> The page
> has a fair amount of spyware, including google analytics
> and googletagmanager (visitor tracking and ad management
> respectively). But it also has both script and web bug code to

Not when it is blocked. The block is a '403 Forbidden' block on the
load of https://www.rpc.co.uk/ . The browser does not even get as
far as loading any scripts or spyware.

HTTP REQUEST
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GET / HTTP/1.1
Host: www.rpc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: visid_incap_314804=PswXU3KgRziQDDhihzEnvKQWzGQAAAAAQUIPAAAAAAAa3+0e9/jJ7vpDyBXLsEDW; incap_ses_997_314804=LGYVMWGCKXiviHLDWg/WDaQWzGQAAAAA0DHCPx9+uqOjOvFntlzsdQ==; nlbi_314804=+Y2fe5YFGT4dpemDQRDkdAAAAADc7/ES/mwGCFffPpWqJDtg; ASP.NET_SessionId=dedluaks0hthvejacmyiedrl; CookieConsent={stamp:%27-1%27%2Cnecessary:true%2Cpreferences:true%2Cstatistics:true%2Cmarketing:true%2Cmethod:%27implied%27%2Cver:3%2Cutc:1691097579420%2Cregion:%27NZ%27}; _ga=GA1.1.1880288547.1691097583; _gid=GA1.3.570513780.1691097583; _gcl_au=1.1.652630332.1691097583; _ga_FHJWZGGFR7=GS1.1.1691097583.1.0.1691097583.60.0.0; _ce.s=v~2b943c9c03984ea6f4e52cbdd09fe7b1da8b9a6c~lcw~1691097584799~vpv~0~lcw~1691097584799; cebs=1; _ce.clock_event=1; _ce.clock_data=251%2C118.149.78.144%2C1%2C72a8090179f77d8a8221f57e9b17ca91; cebsp_=1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

HTTP RESPONSE
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HTTP/1.1 403 Forbidden
X-Azure-Ref: 0XxvMZAAAAACrVMdoOp21SJwFy1Kp6SMoQUtMMzBFREdFMDMxOQBmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=
Date: Thu, 03 Aug 2023 21:25:51 GMT
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-CDN: Imperva
X-Iinfo: 2-1370543-1370551 NNNN CT(1 11 0) RT(1691097950799 122) q(0 0 0 -1) r(0 0) U11

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta content='text/html; charset=utf-8' http-equiv='content-type'/><style type='text/css'>body { font-family:Arial; margin-left:40px; }img { border:0 none; }#content { margin-left: auto; margin-right: auto }#message h2 { font-size: 20px; font-weight: normal; color: #000000; margin: 34px 0px 0px 0px }#message p { font-size: 13px; color: #000000; margin: 7px 0px 0px 0px }#errorref { font-size: 11px; color: #737373; margin-top: 41px }</style><title>Microsoft</title></head><body><div id='content'><div id='message'><h2>The request is blocked.</h2></div><div id='errorref'><span>0XxvMZAAAAACrVMdoOp21SJwFy1Kp6SMoQUtMMzBFREdFMDMxOQBmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=</span></div></div></body></html>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--
Kind regards
Ralph
🦊

On Thu, 3 Aug 2023 14:21:32 -0700, NFN Smith wrote:

> Even with all the scripting blocked, I'm not having any problems.

The website block occurs before the browser has even loaded any scripts.
Blocking scripts will not affect the website block.

> I also reset the User-Agent string to Mozilla/5.0 (X11; Linux x86_64;
> rv:60.0) Gecko/20100101 Firefox/60.0 SeaMonkey/2.53.14 and no problems
> there, either.

Try a User-Agent showing Firefox 109 or higher, for example:

Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0 SeaMonkey/2.53.14

> I haven't tried on a true Linux setup.

--
Kind regards
Ralph
🦊

"Handsome Jack" <nobody@nowhere.org> wrote

| For me, it didn't matter whether scripts were turned on or
| off. In either case, the page was blocked if I had useragent.override
| left blank; and in either case it was delivered if I spoofed
| useragent.override with "Windows 10 Pro". Although the page does load
| very slowly.

That sounds like a clue. Maybe they're checking for non-bots
or some such. In any case, you should never override and then leave
it blank. The point of an override is to pretend to be someone else.
For instance, I mostly use XP with New Moon, but I have less problems
if I pretend to be on Win10 with the latest Firefox. It's best not
to change the browser in an override, either, because many sites
will run different code for different browsers.

On Thu, 3 Aug 2023 14:21:32 -0700
NFN Smith <worldoff9908@gmail.com> wrote:

> David E. Ross wrote:
> > Windows 7
> > SeaMonkey 2.53.16 with "Advertise Firefox compatibility" disabled
> > uBlock Origin 1.16.4.30
> >
> > No problem with the page at<http://www.rpc.co.uk/>.
>
> Win 10, Seamonkey 2.53.18, Advertise Compatibility enabled, and
> uBlockOrigin 1.16.4.30, and NoScript 5.1.9.
>
> Even with all the scripting blocked, I'm not having any problems. I
> also reset the User-Agent string to Mozilla/5.0 (X11; Linux x86_64;
> rv:60.0) Gecko/20100101 Firefox/60.0 SeaMonkey/2.53.14 and no
> problems there, either. I haven't tried on a true Linux setup.
>
> I'm going to suggest to OP that it might be worth clearing the cache
> and cookies in Firefox.
>

[OP speaking] My FF is set to clear everything whenever it closes down.
It doesn't affect the blocking.

On 03/08/2023 16:18, David E. Ross wrote:
> On 8/3/2023 1:49 AM, Handsome Jack wrote:
>> There's a certain company website I've been in the habit of checking
>> for years; it's at www.rpc.co.uk.
>>
>> Suddenly I'm getting an error page, containing the following HTML code:
>>
>> <title>Microsoft</title></head><body><div id='content'><div
>> id='message'><h2>The request is blocked.</h2></div><div
>> id='errorref'><span>052jLZAAAAAAYvQitkB6eSZ9V5h75kRr+TE9OMjFFREdFMTcyMABmMmIwMmY3My0wMWRlLTQ4MTAtYmJkOS02YTgyODYxNDZmZDU=</span></div></div></body></html>
>>
>> I can't get round it even by disabling NoScript completely. Any ideas?
>> I'm using 112.0.2 under Linux Mint.
>>
>
> Windows 7
> SeaMonkey 2.53.16 with "Advertise Firefox compatibility" disabled
> uBlock Origin 1.16.4.30
>
> No problem with the page at <http://www.rpc.co.uk/>.

Likewise Pale Moon 32.3.1 Linux Mint 21.1.

--

Jeff