search

blocklistproject / Lists

Primary Block Lists
The Unlicense
3.78k stars 344 forks source link

[Add request] - porn ads #671

Closed SodaWithoutSparkles closed 1 year ago

SodaWithoutSparkles commented 2 years ago

URL you wish to be added:

cnzz.yifenghuyu.com
wy6r8d.qejzyy.cn
flro0c.tianhongbanjia.cn
rq8otf.sinochemfuheng.cn
q784l0.momentchina.cn

Edit: Found on the same site

itmo8x.zmdwx.com.cn
p7vdqa.mayuetong.cn
c.tkkdoc.com
xxl.hushenqiquan.com

Edit2:

lwrao.qycg.wang
xuwqs.sxtc.wang

Edit3:

tqqvm.haedo.biz
cdnbaidu.cjfexmf.cn
doc.hbears.com

Why you believe this should be added:

They serve porn ads.

Add to list:

Ads, maybe also on porn

Other info you think we should know:

Samples

https://flro0c.tianhongbanjia.cn/MTcxOQ1719171910171634473793gif
https://wy6r8d.qejzyy.cn/MTcxOQ17191719/1214/1639494706.gif
https://cnzz.yifenghuyu.com/gdsgshehdf/1379.gif
https://q784l0.momentchina.cn/MTcyOQ17291729/1017/1634473670.gif
https://rq8otf.sinochemfuheng.cn/MTcyOQ17291729/0402/1585822405.gif

Edit:

https://itmo8x.zmdwx.com.cn/MTgwMQ18011801/1214/1639494671.gif

Edit3:

https://cdnbaidu.cjfexmf.cn/material/0003/1/0003_1_1631262793.gif
https://tqqvm.haedo.biz/adsbix_32847_2_balixjs?74328941646130510342
https://doc.hbears.com/ts_as.html?as=10073-20156-20

Found on https://m.wanben.org/16578/11366518.html (urlscan) which serves novels in Chinese. It uses javascript to load the ads. It may open a new tab/redirect you to a porn site. If you use a PC to access then you won't see anything. The script https://www.kanshuzhushou.com/cdn/js/zepto.min.js seems to determine if you are on android service and set control flag isAndroid, which determine load or not load the ads. You have to use remote debugging to inspect them.

Edit: I found the JS that seems to load the ads. I am not sure because they are obfuscated, but none of the ads load after blocking the following domains hosting the JS. I suspect the JS decode the obfuscated text, make a request to the domains and load them. Blocking the script seems to help.

https://c.tkkdoc.com:10360/static/lbsite/3494553b1a0c/ca46b5a2.js?v=1645870337208
https://xxl.hushenqiquan.com/z-2700-5-4017241?123

Edit2: These two domains host JS that handle clicking on the ad. They use a div with an image background to avoid being detected by adblockers. So they added yet another JS to handle clicks on the div. Even if the ad is blocked and you clicked on where the ad is supposed to be, it still redirects you to the porn page. Blocking these can prevent the placeholder from loading.

https://xuwqs.sxtc.wang/hmzn_32847_2_min.js?74328941645878528720
https://lwrao.qycg.wang/hmzn_2095_1_min.js?893291645878528738

Edit3: these hosts the javascript again

tqqvm.haedo.biz
doc.hbears.com

and this hosts the actual image

cdnbaidu.cjfexmf.cn
SodaWithoutSparkles commented 2 years ago

Please add them to the ads list.