Github pages 的 HTTPS 是不是出问题了?

2020-03-26 14:14:13 +08:00
 WoodenRobot

所有的 github pages 页面开启 HTTPS 的话证书都变成下面这个了?什么情况?

52284 次点击
所在节点    全球工单系统
333 条回复
twoyuan
2020-03-26 14:17:00 +08:00
来自 “346608453@qq.com” 的中间人攻击
WoodenRobot
2020-03-26 14:19:19 +08:00
@twoyuan 手机网络也是一样的,WiFi 也一样?有点奇怪啊
xiri
2020-03-26 14:22:07 +08:00
这个电子邮件地址明显就有问题吧
SpringHack
2020-03-26 14:24:05 +08:00
+1,自己的 github pages 也是这个
alphardex
2020-03-26 14:24:52 +08:00
同样也碰到了这个问题
WoodenRobot
2020-03-26 14:24:52 +08:00
@xiri 对明显的有问题,还能搜到那个人 QQ 号,加好友不通过
Livid
2020-03-26 14:26:42 +08:00
解析出来的服务器 IP 是?
bin21st
2020-03-26 14:26:59 +08:00
@WoodenRobot 我也是这样,然后谷歌搜到了这个页面
WoodenRobot
2020-03-26 14:28:57 +08:00
@Livid 185.199.111.153 我自己的是这个,这就是 GitHub 的服务器地址
WoodenRobot
2020-03-26 14:33:39 +08:00
里面 QQ 搜到是这个![image.png]( https://i.loli.net/2020/03/26/NDZPbLHsCl4ptIe.png)
Livid
2020-03-26 14:34:17 +08:00
贴一下 curl -k -v 访问你的 GitHub Pages 的记录?
Melodyer
2020-03-26 14:34:23 +08:00
同!!
Melodyer
2020-03-26 14:35:20 +08:00
@Livid
➜ ~ curl -k -v githubstatus.com
* Trying 185.199.109.153...
* TCP_NODELAY set
* Connected to githubstatus.com (185.199.109.153) port 80 (#0)
> GET / HTTP/1.1
> Host: githubstatus.com
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Content-Type: text/html
< Server: GitHub.com
< Location: https://githubstatus.com/
< X-GitHub-Request-Id: F20A:6F7C:2B28AA:2D7250:5E7C4D04
< Content-Length: 162
< Accept-Ranges: bytes
< Date: Thu, 26 Mar 2020 06:34:44 GMT
< Via: 1.1 varnish
< Age: 0
< Connection: keep-alive
< X-Served-By: cache-hnd18728-HND
< X-Cache: MISS
< X-Cache-Hits: 0
< X-Timer: S1585204484.464009,VS0,VE170
< Vary: Accept-Encoding
< X-Fastly-Request-ID: 1a3048f21b2a3e7f00c0e09aeae99a8a47d088ed
<
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host githubstatus.com left intact
* Closing connection 0
➜ ~
Xusually
2020-03-26 14:36:01 +08:00
@WoodenRobot 根据 qq 信息的域名
Domain Name: 138qb.cn
ROID: 20091121s10001s80146151-cn
Domain Status: clientTransferProhibited
Registrant ID: 120411033010813
Registrant: 广州名扬信息科技有限公司
Registrant Contact Email: **a@gz.com
Sponsoring Registrar: 广州名扬信息科技有限公司
Name Server: ns1.dnparking.com
Name Server: ns2.dnparking.com
Name Server: ns3.dnparking.com
Name Server: ns4.dnparking.com
Registration Time: 2009-11-21 04:27:12
Expiration Time: 2020-11-21 04:27:12
DNSSEC: unsigned
liut2016
2020-03-26 14:37:30 +08:00
+1 我也这样了。。
leadream4
2020-03-26 14:39:00 +08:00
我的也是,全局可以访问,好奇怪。
fuergaosi
2020-03-26 14:39:09 +08:00
访问 jestjs.io 遇到了同样的问题
![GStyMq.png]( https://s1.ax1x.com/2020/03/26/GStyMq.png)
Server: 114.114.114.114
Address: 114.114.114.114#53

Non-authoritative answer:
Name: jestjs.io
Address: 185.199.108.153
Name: jestjs.io
Address: 185.199.111.153
Name: jestjs.io
Address: 185.199.110.153
Name: jestjs.io
Address: 185.199.109.153
看起来是跟上面一样解析到了一个 ip 上,是 dns 劫持,还是 dns 有问题呢?
另外手机访问也同样遇到了这个证书。
WoodenRobot
2020-03-26 14:39:28 +08:00
@Livid
```
$ curl -k -v https://woodenrobot.me
* Rebuilt URL to: https://woodenrobot.me/
* Trying 185.199.108.153...
* TCP_NODELAY set
* Connected to woodenrobot.me (185.199.108.153) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=CN; ST=GD; L=SZ; O=COM; OU=NSP; CN=SERVER; emailAddress=346608453@qq.com
* start date: Sep 26 09:33:13 2019 GMT
* expire date: Sep 23 09:33:13 2029 GMT
* issuer: C=CN; ST=GD; L=SZ; O=COM; OU=NSP; CN=CA; emailAddress=346608453@qq.com
* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
> GET / HTTP/1.1
> Host: woodenrobot.me
> User-Agent: curl/7.54.0
> Accept: */*
```
WoodenRobot
2020-03-26 14:42:16 +08:00
@fuergaosi 这些地址都是 GitHub pages 的服务器,他应该用的 GitHub pages
Windelight
2020-03-26 14:42:51 +08:00
遇到了同样的问题,河北联通。

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/656367

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX