现在的电信劫持广告都上了 https 了。。

dcct8.com
yuyiya.com
adhudong.com
lvehaisen.com
这几个都是广告

吓得我以为连 https 的都可以劫持了…
网易为啥不上 https 呢…

吓得我以为连 https 的都可以劫持了…

@miaomiao888 Https 是不可能劫持的，这个要是劫持了问题可比几个广告厉害多了。

可能劫持 A 怕被劫持 B 再劫持一刀吧。。。所以上了 https，哈哈哈

#ShenZhenShiDingChengChuangTouHuLianWangJinRongFuWuYouXianGongSi's ADs
#深圳市鼎诚创投互联网金融服务有限公司
address=/dcct8.cn/127.255.255.255
address=/dcct8.com/127.255.255.255

#Yue Yu's ADs
#岳宇
address=/zhouyi1.com/127.255.255.255
address=/lvehaisen.com/127.255.255.255
address=/yiyuya.com/127.255.255.255
address=/yuyiya.com/127.255.255.255
address=/dwaed.com/127.255.255.255

#BeiJingYiMaZaiXianKeJiYouXianGongSi's ADs
#北京亿玛在线科技股份有限公司
address=/yiqifa.com/127.255.255.255
address=/emar.com.cn/127.255.255.255
address=/gouwuke.com/127.255.255.255
address=/eqiso.com/127.255.255.255
address=/yiqiso.com/127.255.255.255
address=/eqifa.com/127.255.255.255
address=/gouwubang.com/127.255.255.255
address=/eqigou.com/127.255.255.255
address=/adhudong.com/127.255.255.255
address=/hudongad.com/127.255.255.255
address=/yigao.com/127.255.255.255

网易家是买不起证书吗？ 貌似没见过网易家有 https 的

@coolcoffee 不是买不起，是不想买。证书免费的现在都有的。

@coolcoffee
网易的邮箱一直都有 ssl

@tomhuang https://mail.163.com/ ， 登陆界面 https 重定向到 http， 然后登陆以后手动改协议才能用 https，而且还引用了非 https 资源导致锁不是绿色的。

@coolcoffee https://yys.163.com/m/ 算吗。。

@dfly0603 会重定向到 http 的，这和没有有什么区别？

➜ ~ curl https://yys.163.com/m/ -v
* Trying 101.227.102.199...
* TCP_NODELAY set
* Connected to yys.163.com (101.227.102.199) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=CN; ST=Zhejiang; L=Hangzhou; O=NetEase (Hangzhou) Network Co., Ltd; OU=Game Dept; CN=yys.163.com
* start date: Dec 8 00:00:00 2016 GMT
* expire date: Dec 8 23:59:59 2018 GMT
* subjectAltName: host "yys.163.com" matched cert's "yys.163.com"
* issuer: C=US; O=GeoTrust Inc.; CN=GeoTrust SSL CA - G3
* SSL certificate verify ok.
> GET /m/ HTTP/1.1
> Host: yys.163.com
> User-Agent: curl/7.54.0
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 301 Moved Permanently
< Server: Cdn Cache Server V2.0
< Date: Wed, 04 Oct 2017 15:36:10 GMT
< Content-Length: 0
< Location: http://yys.163.com/
<
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):