Just a heads-up, https://1337x.st/ appears to have IUA enabled but the JavaScript challenge does not complete/proceed because of a JavaScript error after the delay of five seconds.
The issue does not appear to apply Cloudflare-wide though.
Possibly related to Checking your browser before accessing
Site loads for me once I turn off Adblock Plus and itâs allowed to set cf_clearance cookie. If I delete that cookie, and turn it back on, Iâm blocked once again.
Excellent find! 
It is the ||1337x.st^$csp=script-src 'self' 'unsafe-inline' rule of EasyList.
I didnât have time to figure out the exact filter, but I just disabled EasyList as you mentioned and sure enough, it passes the challenge.
BTW, seems to work fine with Ghostery, Adblock, and Privacy Badger all running on block everything.
My ABP has the following filters
EasyPrivacy
Fanboyâs Social Blocking List
ABP filters
EasyList the only one that appears to be an issue
Malware Domains
Itâs been solved, but if I may give an opinion or two, it would be most appreciated. Using an adblocker to mess with CSP is a bad idea, no matter their intent.
Moreover, uBlock Origin is the way to go for desktop, esp. with Firefox. Peace. 
||example.org^$csp=frame-src 'none'
prohibits all frames on example.org and itâs subdomains.
@@||example.org/page/*$csp=frame-src 'none'
disables all rules with the $csp modifier exactly matching frame-src ânoneâ on all the pages matching the rule pattern. For instance, the rule above.
@@||example.org/page/*$csp
disables all the $csp rules on all the pages matching the rule pattern.
||example.org^$csp=script-src 'self' 'unsafe-eval' http: https:
disables inline scripts on all the pages matching the rule pattern.
Source
I am not quite sure what you are trying to say 
Shouldnt that be a complaint for EasyList rather than Cloudflare?
First of all, let me state unequivocally that Withheld has my utmost respect for the help heâs given me and for their intelligence. I also want it known that Withheld understands adblocking so I am not stating otherwise. And now for something completely different.
Yes, thatâs exactly what itâs supposed to do; however, and this is a big however, even AdGuard states that using the CSP modifier as in ^$csp=<value> ; ^$csp=<value>~example.com ; or @@||example.com^$csp=<value> , as basic examples for the public who may be consuming / reading this discussion, using these and more âcomplicatedâ CSP modifiers will not function when used with each version of AdGuard or even each version of AdGuard for the same operating systems. EDIT 2019-04-04T05:24:47+00:00 (So to not misinform the public at large, I felt thus paragraph had to be stated in response to Withheld who asked a question and then went on to answer it, which prompted my initial useless commentary which then, however, prompted dialogue which did end up as useful).
AdGuard, and as I previously mentioned though in a different context uBlock Origin, are currently the two most advanced âadblockersâ. AdBlock Pro, as youâd mentioned being in use, is not able to handle the advanced syntax that AdGuard & uBlock Origin both are able to handle.
In fact, not opinion, ABP lags behind both AG/P and uBO in (most?) capabilities. As of 04.21 in 2018 AdBlock Pro began support of the CSP modifier & though Iâm unsure how far theyâve travelled; they are most likely playing catch-up to AdGuard who, from my understanding and love for AdGuard (despite relying on uBlock Origin on my workstation 
), essentially codified the original schema as supported by âadblockersâ. The devs over at AdGuard (find them when free on GitHub and theyâll be happy to discuss the pros and limitations of the CSP modifier and anything else product-related.) Tell them intr0 says âHi!â, if you do, please . Especially Andrey & Marie. Thank-you.
EDIT 2019-04-04T05:29:03+00:00 P.S. Your extensions read like mine from Firefox 3.6 (when AdBlock Pro worked and Ghostery didnât exist (?) and neither did Privacy Badger. Also, running the three listed extensions simultaneously may cause issues. I know it specifies that running more than one âadblockerâ will cause issues, though Ghostery and AdBlock Plus are essentially. Even Privacy Badger to an extent. Check out Privacy Possum @ Privacy Possum â Get this Extension for đŚ Firefox (en-US). Unless youâre pre-57 FF.
(Attachment publicKey - [email protected] - ca04f762bf69348d05e30d2bde125b4e2d10e361.asc is missing)
Thanks @intr0. Not disagreeing at all about which is better and for the record, while the my full list is incomplete, I use dozens of plugins and portable browsers for testing purposes only and roll back snapshots often 
@Withheld Yeah me too. Dev release a lot for me lately. With .onion addresses allowed via about:config. Sandboxed from my system ofc. The record was never about âbetterâ, anyway, as my I hoped to clarify with my first EDIT spurred on by @sandro 
hopefully made real. The second was one person joking with another.
This topic was automatically closed after 14 days. New replies are no longer allowed.