Closed spirillen closed 3 years ago
Seems like a mass addition of urls under fraud category.
@Yuki2718
I don't understand what this issue is about. Direct URL access returns 403 currently but I didn't take a note of full URL - generally I keep them only shortly.
@Yuki2718 it's about the why it is added as badware in the first place, otherwise it a bit hard to incorporate it into any other blacklists if you can't point to a argument (proof) for why. And it appears you are the only one blacklisting it... https://duckduckgo.com/?q=%22datingdeserving.com%22&t=ffab&ia=web
publicwww doesn't have anything on it. That's why I'm asking, and again, how did you end up there in the first place @Yuki2718 :smiley:
- generally I keep them only shortly
Do understand you, this one just seems a bit to short
how did you end up there in the first place
Maybe form AdGuard anti-fraud report.
Maybe this was fake with "S" "E" "X" Badoo questionnaire. Very close, it's some chat with a bot ...
On Google I found online urls:
https://t.co/WM95Cn16GB |
---|
https://i.datingdeserving.com/l/push-external3/?encodedPath=L2wvcHVzaC1leHRlcm5hbDMvPw%3d%3d&ext=1&affiliateId=l69553&site=https%3a%2f%2fbigosext69.com%2fl%2f25%2fhingefuck3%2f1-w3mr%2fglobal%2f&userAgent=Mozilla%2f5.0+(Linux%3b+Android+10%3b+AC2003)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f92.0.4515.115+Mobile+Safari%2f537.36&language=fr&subscribeMethod=chat_popup_ext_subscribe_v3_rand&vertical=dating&siteLang=fr&extImageUrl=images%2fen%2fgirl16.jpg&extTpl=36&extTplLogo=16# |
https://t.co/w1PYuum9mX |
---|
https://a.datingdeserving.com/l/push-external/?ext=1&affiliateId=l77236&site=https%3a%2f%2fsinder4.com%2fl%2f25%2ftimerv2%2f1-w1m%2fglobal%2f&userAgent=Mozilla%2f5.0+(Linux%3b+Android+11%3b+SM-A125F)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f92.0.4515.115+Mobile+Safari%2f537.36&language=vi-VN&subscribeMethod=chat_popup_ext_subscribe&vertical=dating&siteLang=vi&extTpl=1 |
<title id="title1">SexChat - You have three new messages.</title>
<title id="title1">SexMessenger - you have 1 new message</title>
<title id="title1">SexChat - Vous avez reçu 3 messages</title>
and now it looks more like adware than badware... (stay corrected adware is badware :smiley: )
and maybe a notation to the adult lists....
The screens are already in the spoler (too many place are wasted), there are no naked breasts there at most a heavily exonerated delcolt and rather the first "top model" lady looks like has a flesh-colored bra (or mask the size of the cup / nipples quite well).
As for the notification, not everyone reads the comment above the line, so you would have to reach for a hack:
domain=~NSFW-chat-bait
I found push notification wall with NSFW (nipples):
https://a.datingdeserving.com/l/push-external/
https://user-images.githubusercontent.com/35370833/133331924-21f51917-1fce-4ca3-9eb8-fe2f21b375c0.png (hidden breasts by red rectangle)
On duck duck go also I see this domain at twitter:
Badware accounts/bots?
https://t.co/h4vb0kCe3z?amp=1
https://a.datingdeserving.com/l/push-external3/?encodedPath=L2wvcHVzaC1leHRlcm5hbDMvPw==
https://t.co/o9skCGiMfa?amp=1
https://e.datingdeserving.com/l/push-external3/?encodedPath=L2wvcHVzaC1leHRlcm5hbDMvPw==
https://t.co/PSzSg2LXsT?amp=1
https://c.datingdeserving.com/l/push-external3/?encodedPath=L2wvcHVzaC1leHRlcm5hbDMvPw==
https://t.co/cBmFCUKLlj?amp=1
https://b.datingdeserving.com/l/push-external3/?encodedPath=L2wvcHVzaC1leHRlcm5hbDMvPw==
:rofl: A spyware spam domain that warne's about similar domains :rofl:
I tried to figure out what that "Click Allow" was, but i only get "The connection has timed out" on the tor network... anyone who dare to look in the source to see what it would allow?
Ok
got it but no where to click allow...
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="manifest" href="manifest.json">
<link href="css/style.css?v=1.1" rel="stylesheet" type="text/css">
<script src="js/trls.js?v=1.18"></script>
<script src="js/push-subscriber.js?v=2.0"></script>
</head>
<body>
<img id="js-spinner" src="images/loader.gif" class="hide">
<div id="tpl1" class="subscribe-tpl1">
<div class="image-wrapper"><img class="branding-logo" id="image" src=""></div>
<div id="subscribeText">
<p id="subText1" class="offer-text1">Click <strong>'Allow'</strong> to let me chat with you. I'd love to know you better.</p>
<p id="subText2" class="offer-text2">We can shake a little after you register <span>(it's free).</span></p>
</div>
</div>
<div id="tpl2" class="subscribe-tpl2" style="display: none">
<p id="subText1" class="offer-text1"></p>
<p id="subText2" class="offer-text2"></p>
<div class="subscribe-image">
<div class="image-label"><span id="nameAge"></span></div>
<div class="image-wrapper"><img class="branding-logo" id="image" src=""></div>
</div>
</div>
<img height="1" width="1" style="display:none" src="https://p-analytics.life/pxl.png" />
</body>
</html>
Ok, reconnized it now. If you look in js/trls.js?v=1.18
then it is something I have seen in another dating thing.
I would call it AdWare with a pinch of adultery
<script src="js/trls.js?v=1.18"></script>
<script src="js/push-subscriber.js?v=2.0"></script>
It will be categorized as such here https://mypdns.org/my-privacy-dns/matrix/-/issues/2773
Btw no need to open an issue if you have a question regarding a filter, ask at the commit itself which you already found.
But he can't found this big commit and few people now subscribe notify for comments (I newer watch comments in my commits, use nick name instead).
The rule is quite clear -- Support issues and questions are handled at /r/uBlockOrigin. GitHub is for reporting issues only.
got it but no where to click allow...
in notify cloud beetween url bar (allow spam push).
The rule is quite clear -- Support issues and questions are handled at /r/uBlockOrigin. GitHub is for reporting issues only.
And that should happens how?? without violating my privacy? @uBlock-user you might know I'm all about privacy/democracy and down that road as I also mentioned for @Yuki2718 yesterday. reddit is 100 of limit here
drill reddit.com
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 2064
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; reddit.com. IN A
;; ANSWER SECTION:
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 1 msec
The same rules applies for the other spyware domains like fakebook, twitter etc
Already told you - https://github.com/uBlockOrigin/uAssets/issues/10003#issuecomment-919527238
Either way, there are no exceptions for the rule.
That's up to you. I actually don't care, but if you have a record without any records I do not consider this as a Support as it you who forgot to keep records.
but if you have a record without any records I do not consider this as a Support as it you who forgot to keep records.
Learn to respect the rules of the repository, this pointless back and forth has gone unnecessarily long.
Prerequisites
I tried to reproduce the issue when...
URL(s) where the issue occurs
https://github.com/easylist/easylist/pull/8674/files
Describe the issue
I'm searching for the documentation for adding
datingdeserving.com
to the BadWare listhttps://github.com/uBlockOrigin/uAssets/blob/6b2beef57b7d12bc6b03dbb77f2833700577dd39/filters/badware.txt#L734
The only ref is blaming the commit, which leads me to https://github.com/uBlockOrigin/uAssets/commit/1f3b77c5eda8c4eb65f4fd531432d1df33af14ac#commitcomment-54976790 but still no comments on what makes you think there is a badware risk on this domain. The trails went cold in lack of traces and comments.
Screenshot(s)
uBlock Origin version
uBlock Origin 1.37.2
Browser name and version
FF ubuntu repo
Settings
Notes
No response