If you put UC into a debugger, you see a function with a very telling name "blocklist" pointing on a code with strings containing some github urls and, surprise, some defunct urls at microsoft.com and adsense cdn.

It's 2019, and people still keep forgetting stripping debug symbols.

Well it is important to name functions clearly ;)

Good for them I guess!

Maybe those web browsers are linked to a online URL database. If any URL is matched in the database, then they will refuse to load the page.

But if true, that also means those web browsers are querying a online database when user is trying to access a URL.

Not a good news no matter how you hold it.

Doesn't Chrome and Firefox do the same for known malicious websites? IIRC they use hashes and / or a local database of hashes, but I can't be sure. Pretty sure that caused major controversy in its earlier days too.

Yes, they download a database of forbidden sites from Google (SafeBrowsing) [1]

[1] https://safebrowsing.google.com/

It checks a bloom filter.

Yeah no doubt that would be concerning.

Sadly not surprising.