All Activity

FWIW, I don't believe that the slproweb distributed binaries have been optimised to load on SSE-only CPUs (I don't have the ability to test this hypothesis, though ), which is the case with Reino's DLLs. Personally, I prefer his for TLS-fingerprinting reasons... During recent months, many popular web services have been put behind aggressive anti-bot/anti-AI filters run by Cloudflare ; these filters treat web requests by yt-dlp as originating from a non-browser client (this is true, of course ) and block them "with prejudice" . On supported platforms (Windows 64-bit >= Win7), these blocks can be mitigated (not always successfully) by using the optional curl_cffi yt-dlp dependency and the associated "--impersonate" cmdline flag; but on 32-bit, especially when < Win7, this method can't be used ... One has to try other means of modifying yt-dlp's web requests, so as for them to have TLS fingerprints slightly different from the values inside CF's blocklists; in some cases, the use of the "--legacy-server-connect" flag might be enough, but usually it's not... Another method is to load the web service in a sanctioned browser, then extract session cookies and pass them to yt-dlp, along with the exact --user-agent the cookies came from; doesn't always work. If you are in a position to update the OpenSSL version bundled with the CPython installation used to launch yt-dlp with, then you have best hopes of beating CF's block (because their blocklists contain values generated from "stock" CPython versions, containing whatever "default" OpenSSL version assigned by PSF; usually one of the 3.0.x LTS branch). It's under the above scenario that Reino's DLLs can prove most helpful, because a) with their "special" configuration, they generate TLS-fingerprints deviating (in a good way) from a standard/mainline OpenSSL binary (like the ones from slproweb/overbyte) b) the link to them is less "prominent" in the web, so less prone to be found by CF personnel/bots and their TLS-fingerprints added inside an anti-bot filter; I have found these DLLs to be quite successful in "tough" cases, like the "dailymotion.com" one; so, many thanks Reino for those ... Best regards.

Respectfully, this doesn't add up at all with my findings, which should be possible to reproduce by others (and why would I publicly post untruths in the first place? ) ... I'm always talking about the 3.6.1 (32-bit) DLLs contained in the following archive: https://rwijnsma.home.xs4all.nl/files/openssl/openssl-3.6.1-win32-shared-dev-xpmod-sse.7z As I've posted previously in this thread, I keep a 2017-era copy of MABS (media-autobuild-suite) and if the DLLs had indeed been stripped, then submitting them to a "second" strip-treatment wouldn't result in filesize reduction; however, as I've posted already, I noticed that: Proof from an actual mintty window: OTOH, your static openssl.exe (32-bit) binary contained inside archive https://rwijnsma.home.xs4all.nl/files/openssl/openssl-3.6.1-win32-static-dev-xpmod-sse.7z is indeed a "stripped" binary, because: Regards.

Someone once told me to the effect of "gambling is a poor mans dream"

Generally speaking, you should never get a Cloudflare captcha on any MODERN web browser that UPDATES ITSELF every few weeks. The problem is for those that prefer to NOT run these auto-updates. All it takes is a browser that is THREE OR FOUR versions "old" to TRIGGER the Cloudflare captchas. I've never witnessed anything but a checkbox that checks itself, zero user interaction, when at work (where the IT dept forces me to reboot my laptop 25 times in any given 30 day month all in the guise of "updates" for this or that).

Yeah, I actually have come to hate hate HATE sports! I *literally* NEVER watch anymore (but scroll scores via web browser instead). It was different when I was a kid, but nowadays, every commercial break is sponsored by a GAMBLING COMPANY with tiny fine print at the bottom for those with "gambling addictions". Then there are things like https://www.nbcnewyork.com/news/sports/list-players-coaches-sports-betting-gambling-allegations/6408736/ And this https://www.cnn.com/2024/06/15/sport/sports-betting-gambling-professional-athletes-dg You can't even watch "news" programs that are supposed to cover "sports" without them also covering GAMBLING and be SPONSORED by GAMBLING COMPANIES. I'm waiting for these to become ILLEGAL ADVERTISING (like cigarette commercials, not technically "illegal", but so HEAVILY regulated that no manufacturer bothers to "advertise").

No, this makes things difficult for a server admin. Another site I admin on can often see bot swarms at levels that exhaust server resources (database specifically) and will make the site slow. So I've had to pull the access.log a couple of times and run it through an analyzer tool to find out just how these bots appear. The "good" ones, bots operated by legitimate (although some people may disagree) corporations, have user agents or other identifying information that they send along with their HTTP GET requests. These are bots like search engine spiders and AIs. The Western world bots from Microsoft, Amazon, XAI, etc are all identifyable and more importantly do not tend to bombard sites likely because a lot of information is already cached in datacenters. The corporate bots from SEA have user agents but tend to send way too many requests. The issue is tied between the SEA AI bots and the "unknown" variety that can be determined to be from an AI or LLM setup *somewhere* but they send no information along to the web server. So when 6,000 bots decide to hit the server at some point, 5% are legit western origin, 45% are legit eastern origin and the rest are the unidentified. Of course, many of the unidentified are not actual mysteries, but you can't determine that just from the logs. You'd have to research IP addresses, ports, GET strings, etc and it can be figured out. But this takes an incredible amount of time to not only research, keep up to date and set block/control lists on the server that using a go-between that already has most of this information tracked is very compelling. Especially since Cloudflare has a free option that many sites can use, this is likely why you end up seeing it used so much. All Cloudflare is, basically a software firewall that sits between a website and the user. Cloudflare shows different things to different browsers, browser settings (js enabled or not, etc) and based on perceived country or region of origin. There is also likely a difference between their free and paid version. I personally have not see any sort of captcha from Cloudflare in a long time, I only get a checkbox to prove I'm human.

I don't understand gambling much either. Just for fun I put your question into Gemini and this is an excerpt of what it responded.

But I feel like the TIME that was spent to demonstrate this PROOF is time WASTED. Because my name doesn't begin with a "D" so answers, despite 100% accurate and true, will never be "liked". Yeah, that was a rib-jab.

Q.E.D.

Additionally, and predictably, if you set Supermium to use New Moon's default User Agent, then Supermium is sent the tracking link version of the search results. Again, all server-side. The browsers are rendering what they are sent by the server.

This site, while it is "heavy", works fine in latest Serpent 52.9 here (asked me about cookies and all).

Here you go.

I'd be more interested in a screencap from here -- https://mate.tools/vpn-detection-test Here is mine:

Hi, I try to make a XP SP3 boot CD with the scsciport nvme driver nvme2k for to boot via it from nvme disk. When I put this driver via its nvme2k.inf to an already existing XP SP3 installation, I can boot from this nvme device. But "no disk" recogniced via real boot CD from XP SP3. May be, only a single entry I miss for a scsiport driver but I have no other idea Dietmar Here are the original and the modded files for the boot CD to enable nvme boot https://files.catbox.moe/igbiep.7z

This thread is technically about Supermium (which is not being sent tracking links BY THE SERVER), your question is more about New Moon (which is being sent tracking links BY THE SERVER). Again, this is all SERVER-SIDE. The browser doing the rendering is rendering exactly what is being sent to that browser BY THE SERVER. And New Moon is being SINGLED OUT. Chrome/Chromium/Supermium/Catsxp/r3dfox - all of these are not being sent tracking links BY THE SERVER. It's all in the USER AGENT (in this case). New Moon without a useragent override (note: you have to hover over a search result link to see the tracking URL, it is not always shown in the address bar): New Moon with a useragent override:

Tells us a lot about your location! I can. Screen 1 shows I'm from Switzerland and my IP. Screen 2 shows I'm from Switzerland. Hence Google is offered in: Deutsch, Français, Italiano for me. Screen 3 shows a random word I used in this Google search now. See - no Tracking links! Screen 4 shows "about me" Ungoogled Chromium 138 . Is this enough proof now? Are you satisfied?

Be polite and respectful. I chose the the official Ungoogled Chromium 138 to match the "latest" Supermium to be Fair. Hence the screenshot! I of course already use 144 and 145. But Supermium is always late.

I would like to know how to compile this on Windows 10 with MinGW/MSYS2.

They are actually and always have been. I don't update the upstream script anymore, but all that I locally changed was "openssl-3.3.1" to "openssl-3.6.1". https://github.com/Reino17/ffmpeg-windows-build-helpers/blob/master/ffmpeg_local_builds/cross_compile_ffmpeg.sh#L78-L104 C:\>openssl.exe version -a OpenSSL 3.6.1 27 Jan 2026 (Library: OpenSSL 3.6.1 27 Jan 2026) built on: Sat Jan 31 22:56:33 2026 UTC platform: mingw options: bn(64,32) compiler: /cygdrive/e/ffmpeg-windows-build-helpers-master/ffmpeg_local_builds/sandbox/cross_compilers/mingw-w64-i686/bin/i686-w64-mingw32-gcc -m32 -O2 -march=pentium3 -mtune=athlon-xp -mfpmath=sse -msse -DL_ENDIAN -DOPENSSL_PIC -DUNICODE -D_UNICODE -DWIN32_LEAN_AND_MEAN -D_MT -DOPENSSL_BUILDING_OPENSSL -DZLIB -DNDEBUG -D_WIN32_WINNT=0x501 OPENSSLDIR: "/cygdrive/e/ffmpeg-windows-build-helpers-master/ffmpeg_local_builds/sandbox/cross_compilers/mingw-w64-i686/i686-w64-mingw32/ssl" ENGINESDIR: "/cygdrive/e/ffmpeg-windows-build-helpers-master/ffmpeg_local_builds/sandbox/cross_compilers/mingw-w64-i686/i686-w64-mingw32/lib/engines-3" MODULESDIR: "/cygdrive/e/ffmpeg-windows-build-helpers-master/ffmpeg_local_builds/sandbox/cross_compilers/mingw-w64-i686/i686-w64-mingw32/lib/ossl-modules" Seeding source: os-specific CPUINFO: OPENSSL_ia32cap=0xfed8320b078bffff:0x00405fc6f1bf97a9:0x0000003000000110:0x0000000000000000:0x0000000000000000 The last time I've updated the "MingGW-w64 Build Script" was 18 Sep 2022.

Current New Moon. Current 55 basilisk also show page without errors, after some seconds i see popup with message "We'd like to send you notifications." - maybe you use external adblocker with agressive profile?

Which version are you using? I'm on 55 basilisk and the error is there even with a new profile.

I'm not seeing what you describe. Are you allowing any sort of "prerendering" or "AI-powered protection" or "safe browsing protection"? ALL are disabled on my config.

You can't visit https://rutracker.org/ or https://www.ozon.ru/ or https://www.vseinstrumenti.ru/ or https://vkvideo.ru/ ?? Don't see errors after two minutes.

Add this one to the list: https://weather.com/weather/today/l/c4025fdf0177c872b7fc2e0d09e7c523995ef49e21145e2d2438fe08649ca9e8 After about 3 seconds it breaks with this error: Application error: a client-side exception has occurred while loading weather.com (see the browser console for more information).

There might be a "JavaScript hook" that sneakily overwrites the link after it is clicked. Initially the true link is displayed on the status bar in New Moon. In New Moon the link anchor has the parameters: href (true link), data-ved, data-sb (google's redirect) In Supermium the parameters are: href (true link), data-ved, ping (google's redirect) It seems that Chromium is able to do something with "ping" that older browsers are not, perhaps connect to Google in parallel with the target. I didn't even know you could write such custom values into HTML.