Computer science researchers surveyed 50,000 of the web's most-visited sites and found 485 sites using a history-tracking bug. In all, 63 sites were copying the data it reveals and 46 were found to be hijacking a user's history.
"We also found that many of these websites make use of a handful of third-party history-sniffing libraries."
The researchers also looked at other popular techniques that sites use to map and monitor what visitors do.
In the case of YouPorn, operators run scripts that track the trail a user's mouse pointer takes on and across pages.
Operators of YouPorn.com, which is owned by Curacao-based Midstream Media International N.V., did not respond by post time to XBIZ for comment on the findings.
YouPorn operators also own YouPornGay.com and YouPornCocks, which also were on the UC San Diego study's history-sniffing list.
The study also revealed YouPorn's attack code.
Chrome and Safari, researchers said, are not vulnerable to history hijacking and that the most recent version of Firefox has closed loopholes. Internet Explorer users can turn on "private browsing" to stop the flaw from divulging histories.
"Our study shows that popular Web 2.0 applications like mashups, aggregators, and sophisticated ad targeting are rife with different kinds of privacy-violating flows," the researchers wrote.