fishstrap.com: badware

[d44df016fe28bc8d5974]

Prerequisites

• This is NOT a YouTube, Facebook, Twitch or a shortener/hosting site report. These sites MUST be reported by clicking their respective links.
• I read and understand the policy about what is a valid filter issue.
• I verified that this issue is not a duplicate. (Use this button to find out.). Comment in the old issue threads even when they are closed or even if you have a different problem.
• I did not remove any of the default filter lists, or I have verified that the issue was not caused by removing any of the default lists.
• I did not enable additional filter lists, or I have verified that the issue still occurs without enabling additional filter lists.
• I do not have custom filters/rules, or I have verified that the issue still occurs without custom filters/rules.
• I have verified that the web browser's built-in content blocker/tracking protection, network wide/DNS blocking, or my VPN is not causing the issue.
• I have turned off all other extensions and the issue still persists. (exception "Firefox Multi-Account Containers").
• If this is about a breakage or detection, I have verified that it is caused by uBlock Origin and isn't a site or browser issue.
• I did not answer truthfully to ALL the above checkboxes.

URL address of the web page

https://fishstrap.com/

Category

badware

Description

This site is a fishstrap site that claims to be official. The only 2 official sources are https://github.com/returnrqt/fishstrap and https://fishstrap.app/

Other extensions used

none

Screenshot(s)

Screenshot(s)

Configuration

uBlock Origin: 1.62.0
Firefox: 134
filterset (summary):
 network: 432039
 cosmetic: 176797
 scriptlet: 55512
 html: 2476
listset (total-discarded, last-updated):
 added:
  https://raw.githubusercontent.com/DandelionSprout/adfilt/refs/heads/master/Dandelion%20Sprout's%20Anti-Malware%20List.txt: 143325-75, now
  https://raw.githubusercontent.com/DandelionSprout/adfilt/refs/heads/master/LegitimateURLShortener.txt: 2704-0, now
  https://raw.githubusercontent.com/fmhy/FMHYFilterlist/main/filterlist.txt: 454-2, now
  https://raw.githubusercontent.com/gijsdev/ublock-hide-yt-shorts/master/list.txt: 25-0, now
  adguard-generic: 95593-4509, now
  adguard-spyware-url: 1947-253, now
  adguard-spyware: 142535-1644, now
  curben-phishing: 507-1, now
  adguard-cookies: 33107-1699, now
  ublock-cookies-adguard: 2563-28, now
  fanboy-cookiemonster: 47395-18392, now
  ublock-cookies-easylist: 2563-2563, now
  [9 lists not shown]: [too many]
 default:
  user-filters: 62-0, never
  ublock-filters: 40056-365, now
  ublock-badware: 12177-415, now
  ublock-privacy: 1930-83, now
  ublock-unbreak: 2620-2, now
  ublock-quick-fixes: 266-32, now
  easylist: 71212-19918, now
  easyprivacy: 53299-29597, now
  urlhaus-1: 22440-0, now
  plowe-0: 3545-1091, now
filterset (user): [array of 62 redacted]
trustedset:
 added: [array of 17 redacted]
switchRuleset:
 added: [array of 50 redacted]
 removed:
  no-large-media: behind-the-scene false
hostRuleset:
 added: [array of 272 redacted]
 removed:
  behind-the-scene * * noop
  behind-the-scene * image noop
  behind-the-scene * 3p noop
  behind-the-scene * inline-script noop
  behind-the-scene * 1p-script noop
  behind-the-scene * 3p-script noop
  behind-the-scene * 3p-frame noop
userSettings:
 advancedUserEnabled: true
 ignoreGenericCosmeticFilters: true
 largeMediaSize: 10
hiddenSettings: [none]
supportStats:
 allReadyAfter: 3683 ms
 maxAssetCacheWait: 1688 ms
 cacheBackend: indexedDB
popupPanel:
 blocked: 3
 network:
  clonecroak.com: 2
  googletagmanager.com: 1

[JobcenterTycoon]

We don’t block sites which are "unofficial". There need to be a real thread like malware or phishing but the download links i see point to the official github.

[d44df016fe28bc8d5974]

the site leads to the official github download, but thats also not a reason to continue using it because that could change at any time.

[JobcenterTycoon]

"It could" is not enough to block a site. Also there are no flags on virustotal.

[d44df016fe28bc8d5974]

"It could" is a good reason for the site to get blocked, in a other issue bloxstrap.app was blocked even though it has no flags on virustotal and doesn't host any malware.

[JobcenterTycoon]

@MasterKia

[stephenhawk8054]

in a other issue bloxstrap.app was blocked even though it has no flags on virustotal and doesn't host any malware.

Tbh, that's what I want to not address in the list either. There are thousands of clone sites of Facebook, Instagram, Netflix... hosting on github, and we cannot block every single one of them.

https://ublockorigin.com is a fan site, linking download links to browsers' extensions store and there's no reasons for us to block it either just because it's not uBO official page.

https://x.com/ublockorigin is another fan made page, but in social media aspect, and links to a github link. By the definition of "it could", we should block it too.

What we would face in every page blocking is what arguments we can use to reply if the page owners come here to complain? Reporters will just report once, and then all of the responsibilities of later arguments fall back to us. The only valid arguments we could use is "the site is having advertisements", which is a really weak argument to justify blocking a whole site.

[MasterKia]

If the fake site doesn't say it's an unofficial site, then I think it's fine to block it if there is a complaint by main site that we could refer to.

[MasterKia]

in a other issue bloxstrap.app was blocked even though it has no flags on virustotal and doesn't host any malware.

The complaint for bloxstrap by its owner:

I'm the creator and owner of the Bloxstrap project. It's popular enough that there have been about a dozen people making unofficial websites for it of which I have real concerns about, and I'm glad to see that an effort has been made to block them