surge's Introduction
surge's People
Forkers
orsmile galaxy001 huskyl zeroffa followjyp fosee ptntp specialmenfo pyaver chiachunli08 gckenny winnieking yswagsurge's Issues
新的 line 廣告 url 的問題
在 https://gw.line.naver.jp/PUSH/1/subs
抓到對應的 request (這個是在 mitmproxy 上抓到的,這邊拿掉各種敏感資訊):
,]3:tls;4:true!5:error;0:~5:state;1:0#3:via;0:~11:tls_version;7:TLSv1.3;15:tls_established;4:true!19:timestamp_tls_setup;18:1706191172.3337116^19:timestamp_tcp_setup;18:1706191172.2877367^15:timestamp_start;18:1706191172.2457783^13:timestamp_end;18:1706191177.5038645^14:source_address;58:38:2001:b011:3808:6484:5b7:4be1:9c77:344e;5:46558#1:0#1:0#]3:sni;16:gw.line.naver.jp;10:ip_address;40:22:;3:443#1:0#1:0#]2:id;36:;4:alpn;2:h2,7:address;26:16:gw.line.naver.jp;3:443#]}11:client_conn;537:10:proxy_mode;7:regular;11:cipher_list;0:]11:alpn_offers;5:2:h2,]16:certificate_list;0:]3:tls;4:true!5:error;0:~8:sockname;24:13:192.168.2.250;4:3128#]5:state;1:0#11:tls_version;7:TLSv1.3;14:tls_extensions;0:]15:tls_established;4:true!19:timestamp_tls_setup;18:1706191172.3454676^15:timestamp_start;18:1706191172.2441373^13:timestamp_end;18:1706191177.5033572^3:sni;16:gw.line.naver.jp;8:mitmcert;0:~2:id;36:;11:cipher_name;22:TLS_AES_256_GCM_SHA384;4:alpn;2:h2,7:address;25:13:192.168.2.251;5:53756#]}5:error;0:~2:id;36:;}6358:4:type;4:http;7:version;2:18#9:websocket;0:~8:response;0:~7:request;992:4:path;18:/PUSH/1/subs?m=932,9:authority;16:gw.line.naver.jp,6:scheme;5:https,6:method;4:POST,4:port;3:443#4:host;16:gw.line.naver.jp;13:timestamp_end;0:~15:timestamp_start;18:1706191172.3470674^8:trailers;0:~7:content;0:~7:headers;728:48:18:x-line-application,22:IOS 13.21.0▷iOS 16.7.4,]48:10:user-agent,30:Line/13.21.0 iPhone10,1 16.7.4,]22:5:x-lal,10:zh-Hant_TW,]593:13:x-line-access,571:12:http_version;8:HTTP/2.0,}17:timestamp_created;18:1706191172.3471413^7:comment;0:;8:metadata;0:}6:marked;9::default:;9:is_replay;0:~11:intercepted;5:false!11:server_conn;4463:4:via2;0:~11:cipher_list;0:]11:cipher_name;22:TLS_AES_256_GCM_SHA384;11:alpn_offers;5:2:h2,]16:certificate_list;3818:2252:-----BEGIN CERTIFICATE-----
他的 reponse 裡面包括了廣告的 icon99[.]tw,這邊遮掉 tracking parameters:
{"deployVersion":"lgfp_v3.5.0.23.11.06.0","rid":"x","t":1706191172397,"lang":"zh-Hant","ads":[{"mid":"x","searchid":"@icon99.tw","type":"TA","uaid":"x","exp":600,"prod":"201","vfmt":"SMARTCH-IMAGE","adformat":1,"infotype":1,"link":{"curl":"#","ctrac":["https://a.line.me/er/lads/v1/ei?x"],"ebp":0,"action":2},"tit":{"id":2001,"txt":
上面是第一波在掃的時候掃到的。
另外一個是用 app 內建的 inspector 抓的 (我用 Quantumult X),抓到 https://obs.line-scdn.net/0hGH9Iy1WIGGcEMAuqNYVnMFdgExY3XQ9kZEgFWiB1OgtKQQwyXxc8Z0JsLgtSXgpTUx02Z2B2OQ9CAT5XWAoCZCB5LhxwQw1qbh0oZ2N7FjF7RiRtYl4rcQ 這樣的 image request,點開來看以後可以看到廣告,這邊沒找到是從哪個 HTTPS request 傳進來的,應該是 HTTPS MITM 沒有涵蓋到...
我把這兩個擋掉後是沒看到問題,不過剛剛在 telegram 上面看到你說後面擋圖片這組好像會出狀況...
ADlist的問題
裡面Reject掉aotter的domain是刻意阻擋電獺嗎?還是有跟其他廣告同domain
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.