Github pages 的 HTTPS 是不是出问题了？

来自 “346608453@qq.com” 的中间人攻击

@twoyuan 手机网络也是一样的，WiFi 也一样？有点奇怪啊

这个电子邮件地址明显就有问题吧

+1，自己的 github pages 也是这个

同样也碰到了这个问题

@xiri 对明显的有问题，还能搜到那个人 QQ 号，加好友不通过

解析出来的服务器 IP 是？

@WoodenRobot 我也是这样，然后谷歌搜到了这个页面

@Livid 185.199.111.153 我自己的是这个，这就是 GitHub 的服务器地址

里面 QQ 搜到是这个

贴一下 curl -k -v 访问你的 GitHub Pages 的记录？

同！！

@Livid
➜ ~ curl -k -v githubstatus.com
* Trying 185.199.109.153...
* TCP_NODELAY set
* Connected to githubstatus.com (185.199.109.153) port 80 (#0)
> GET / HTTP/1.1
> Host: githubstatus.com
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Content-Type: text/html
< Server: GitHub.com
< Location: https://githubstatus.com/
< X-GitHub-Request-Id: F20A:6F7C:2B28AA:2D7250:5E7C4D04
< Content-Length: 162
< Accept-Ranges: bytes
< Date: Thu, 26 Mar 2020 06:34:44 GMT
< Via: 1.1 varnish
< Age: 0
< Connection: keep-alive
< X-Served-By: cache-hnd18728-HND
< X-Cache: MISS
< X-Cache-Hits: 0
< X-Timer: S1585204484.464009,VS0,VE170
< Vary: Accept-Encoding
< X-Fastly-Request-ID: 1a3048f21b2a3e7f00c0e09aeae99a8a47d088ed
<
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host githubstatus.com left intact
* Closing connection 0
➜ ~

@WoodenRobot 根据 qq 信息的域名
Domain Name: 138qb.cn
ROID: 20091121s10001s80146151-cn
Domain Status: clientTransferProhibited
Registrant ID: 120411033010813
Registrant: 广州名扬信息科技有限公司
Registrant Contact Email: **a@gz.com
Sponsoring Registrar: 广州名扬信息科技有限公司
Name Server: ns1.dnparking.com
Name Server: ns2.dnparking.com
Name Server: ns3.dnparking.com
Name Server: ns4.dnparking.com
Registration Time: 2009-11-21 04:27:12
Expiration Time: 2020-11-21 04:27:12
DNSSEC: unsigned

+1 我也这样了。。

我的也是，全局可以访问，好奇怪。

访问 jestjs.io 遇到了同样的问题
Server: 114.114.114.114
Address: 114.114.114.114#53

Non-authoritative answer:
Name: jestjs.io
Address: 185.199.108.153
Name: jestjs.io
Address: 185.199.111.153
Name: jestjs.io
Address: 185.199.110.153
Name: jestjs.io
Address: 185.199.109.153
看起来是跟上面一样解析到了一个 ip 上，是 dns 劫持，还是 dns 有问题呢？
另外手机访问也同样遇到了这个证书。

@Livid
```
$ curl -k -v https://woodenrobot.me
* Rebuilt URL to: https://woodenrobot.me/
* Trying 185.199.108.153...
* TCP_NODELAY set
* Connected to woodenrobot.me (185.199.108.153) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=CN; ST=GD; L=SZ; O=COM; OU=NSP; CN=SERVER; emailAddress=346608453@qq.com
* start date: Sep 26 09:33:13 2019 GMT
* expire date: Sep 23 09:33:13 2029 GMT
* issuer: C=CN; ST=GD; L=SZ; O=COM; OU=NSP; CN=CA; emailAddress=346608453@qq.com
* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
> GET / HTTP/1.1
> Host: woodenrobot.me
> User-Agent: curl/7.54.0
> Accept: */*
```

@fuergaosi 这些地址都是 GitHub pages 的服务器，他应该用的 GitHub pages

遇到了同样的问题，河北联通。