Uassets: [Resource abuse] netlify.com

@ZaphodBeebblebrox check also

123moviesgo.nl
123movieshub.asia
123movieshub.cx
7tors.com
bmovie123.me
bmoviego.me
bmovies123.me
btstors.com
cmovieshd.nl
fbmovies.org
fmoviesgo.me
gomovie123.me
gomovies123.me
idope.tv
seventorrents.cc
skytorrents.co
skytorrents.me
stream247.me
watch-free.co
watchfreemovies.tv
xmovies8.nl

That settles it for me. Blocking third-party scripts from that domain.

Edit: Guess you came to the same conclusion.

Do we know if anything legitimate is served from netlify? Blocking a whole CDN seems like it could have negative side effects.

It seems to be a websites builder, their site is still unbroken.
If some subdomain on netlify is used to deliver malware / mining content, well ... is their call to avoid such behaviour.

Here a blog post about how to use netlify.com to earn crypto
https://www.netlify.com/blog/2018/11/02/how-to-earn-cryptocurrency-with-your-netlify-site/

If they're actively promoting that their services be used to serve up crypto-miners without any user consent, then they are far from legitimate, and deserve to be blacklisted.

You can't block the whole CDN.
https://github.com/uBlockOrigin/uAssets/issues/1510
https://forums.lanik.us/viewtopic.php?p=131964

You will break functionality on countless websites.

Fanboy: "Given coin miners are using your site to host there scripts, Unless this changes, I'm in no rush to remove this."

They are complaining the cdn is blocked but do nothing to stop such bad use.

https://www.netlify.com/blog/2018/11/02/how-to-earn-cryptocurrency-with-your-netlify-site
what does this blog post have to do with sites secretly cryptomining, which is what we block in uAssets.

They are complaining the cdn is blocked but do nothing to stop such bad use.

Well, they do remove the sites created for the purpose of cryptomining, which is really all they can do.

We don't block cloudfront even though admaven abuses it for it's malicious popup/redirection campaign for years now.

Well, they do remove the sites created for the purpose of cryptomining

Is that a fact? Judging by that blogpost, which is on the site itself, it seems like they're actively promoting the fact that their services should be used for crypto-mining, which is very different from other CDNs being abused unwittingly.

They are promoting braves weird cryptomining thing, which is consensual. For it to work you need to be using brave, and (I assume) enable BAT. It is not promoting mining without the user's consent.

Again the blogpost, I fail to see what that has to do with the issue at hand.

*$csp=worker-src 'none',domain=123moviesgo.nl|123movieshub.asia|123movieshub.cx|7tors.com|bmovie123.me|bmoviego.me|bmovies123.me|btstors.com|cmovieshd.nl|fbmovies.org|fmoviesgo.me|gomovie123.me|gomovies123.me|idope.tv|seventorrents.cc|skytorrents.co|skytorrents.me|stream247.me|watch-free.co|watchfreemovies.tv|xmovies8.nl

should work for all mentioned domains.

Forget the blogpost then. Obviously you don't wanna break legitimate content. They do appear to be either complicit or complacent though.

Obviously you don't wanna break legitimate content

That is the main point, I can't add such a filter to a list that is enabled by default.
I can understand if some coin mining list says, screw that I will just block the domain.

Hi folks,

I work for Netlify and one of our customers just alerted us to this thread. The assertions made that we run a CDN that serves many sites is true - we host over a million on domains *.netlify.com - and only a handful are our own (and of course none of these have any mining scripts on them). Most are free websites of our customers, and some are also websites of paying customers. Regardless of whether you pay us to use our service or not, we definitely do NOT intend to host non-consensual mining scripts, even if they are used on other websites rather than on *.netlify.com-hosted sites. We welcome reports to [email protected] which we always react to within a business day - but usually within minutes.

Thanks so much for not blocking our CDN!

I'm happy to answer any follow-up questions or clarify anything.

The domains have now been taken down. They told me they have "disabled the sites (and the 4 other sites owned by the same account), and banned the user from [their] service" and when you go to the domains, it says this site has been suspended.