郑州，联通， https://list.jd.com 被重定向到 p.egou.com！

看起来像是运营商局部地区劫持，或者小区带宽承包商劫持。

感觉京东的 https 不是 e2e 的，在中间被劫持了。用 curl 请求的话，会这样：

* Connected to list.jd.com (42.236.8.129) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 603 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification OK
* server certificate status verification SKIPPED
* common name: *.jd.com (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: C=CN,ST=beijing,L=beijing,O=BEIJING JINGDONG SHANGKE INFORMATION TECHNOLOGY CO.\, LTD.,CN=*.jd.com
* start date: Thu, 15 Mar 2018 04:02:02 GMT
* expire date: Tue, 28 Aug 2018 09:42:54 GMT
* issuer: C=BE,O=GlobalSign nv-sa,CN=GlobalSign Organization Validation CA - SHA256 - G2
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET /list.html?cat=670,12800,12802 HTTP/1.1
> Host: list.jd.com
> authority: list.jd.com
> cache-control: max-age=0
> upgrade-insecure-requests: 1
> user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
> accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
> dnt: 1
> accept-language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7,zh-TW;q=0.6
> cookie: ipLoc-djd=1-72-4137-0; areaId=1; __jda=122270672.15258484760111185216130.1525848476.1525848476.1525848476.1; __jdc=122270672; __jdv=122270672|direct|-|none|-|1525848476012; 3AB9D23F7A4B3C9B=2CHSSK4AIRJBZHSHVXWZP2IVWEEUGJTGJZU5UIVFZL6X2IPOH2T5OPZDYIP2ZLORI2XMZOYSGEKEU72E6SAB6O54QM; listck=e19706debdda455e4793c3a3a86514ea; __jdu=15258484760111185216130; __jdb=122270672.9.15258484760111185216130|1.1525848476
> if-modified-since: Wed, 09 May 2018 06:50:00 GMT
>
< HTTP/1.1 302 Found
< Server: JDWS/2.0
< Date: Wed, 09 May 2018 07:21:41 GMT
< Transfer-Encoding: chunked
< Connection: keep-alive
< Location: http://p.egou.com/n?k=6JU4gZDFrI6HWlzl1NXH2mLErI6H2mLq6l2SWcLe6Ew7Wn4H6EDmrI6HYQLErnWF1nzm6N27rIW-&t=u=764050&url=http%3A%2F%2Flist.jd.com%2Flist.html%3Fcat%3D670%2C12800%2C12802%26_t_t_t%3D1
< Age: 0
< Via: http/1.1 ZZ-UNI-1-JCS-155 ( [cMsSf ])
<
{ [16000 bytes data]
: Wed, 09 May 2018 07:21:41 GMT
Cache-Control: max-age=0
Last-Modified: Wed, 09 May 2018 07:21:45 GMT
Via: BJ-Y-NX-113(MISS)

<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=Edge">
<title> 游戏耳机 游戏设备 电脑、办公 [行情 价格 评价 图片] - 京东</title>
<link type="text/css" rel="stylesheet" href="//misc.360buyimg.com/??jdf/1.0.0/unit/ui-base/5.0.0/ui-base.css,jdf/1.0.0/unit/shortcut/5.0.0/shortcut.css,jdf/1.0.0/unit/global-header/5.0.0/global-header.css,jdf/1.0.0/unit/myjd/5.0.0/myjd.css,jdf/1.0.0/unit/nav/5.0.0/nav.css,jdf/1.0.0/unit/shoppingcart/5.0.0/shoppingcart.css,jdf/1.0.0/unit/global-footer/5.0.0/global-footer.css,jdf/1.0.0/unit/service/5.0.0/service.css">

命令是 curl -v 'https://list.jd.com/list.html?cat=670,12800,12802' -H 'authority: list.jd.com' -H 'cache-control: max-age=0' -H 'upgrade-insecure-requests: 1' -H 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36' -H 'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8' -H 'dnt: 1' -H 'accept-language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7,zh-TW;q=0.6' -H 'cookie: ipLoc-djd=1-72-4137-0; areaId=1; __jda=122270672.15258484760111185216130.1525848476.1525848476.1525848476.1; __jdc=122270672; __jdv=122270672|direct|-|none|-|1525848476012; 3AB9D23F7A4B3C9B=2CHSSK4AIRJBZHSHVXWZP2IVWEEUGJTGJZU5UIVFZL6X2IPOH2T5OPZDYIP2ZLORI2XMZOYSGEKEU72E6SAB6O54QM; listck=e19706debdda455e4793c3a3a86514ea; __jdu=15258484760111185216130; __jdb=122270672.9.15258484760111185216130|1.1525848476' -H 'if-modified-since: Wed, 09 May 2018 06:50:00 GMT'

大家在 hosts 里把 list.jd.com 设成 42.236.8.129 的话，应该也能重现。

正常的时候是这样的：

< HTTP/1.1 200 OK
< Server: JDWS/2.0
< Date: Wed, 09 May 2018 07:25:56 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 172706
< Connection: keep-alive
< Vary: Accept-Encoding
< ups: f102-251|a60-61
< head-status: M
< Expires: Wed, 09 May 2018 07:25:56 GMT
< Cache-Control: max-age=0
< Last-Modified: Wed, 09 May 2018 07:26:00 GMT
< Via: BJ-Y-NX-113(MISS), http/1.1 ZZ-UNI-1-JCS-155 ( [cMsSfW])
< Age: 0
<
{ [15978 bytes data]
<!DOCTYPE html>
.......

山东联通也有着问题 我都访问完毕清空缓存 重新登录 加购物车 然后手机 app 去支付

我也出现这种情况了。

坐标也是郑州。

这问题相当严重了

打运营商电话人工服务投诉，然后工信部投诉

可以复现

curl --resolve 'list.jd.com:443:42.236.8.129' 'https://list.jd.com/list.html?cat=670,12800,12802' -v -o /dev/null

https://crt.sh/?id=372328169 这是 42.236.8.129 返回的证书

三年前就这样了。。

应该让京东的同学来领工单，干掉他的联盟账号，让他没钱拿，才是治本

同在郑州，联通用户，也经常出现，跳转到这个： http://p.egou.com/error-pages/default.html?errortype=6

河南东北部 家庭宽带和 4G 也是这样。

我对着上述 IP 发了请求，200 没有 302
我没在郑州也没在联通，不排除他们做了外地防御的可能性

看了看证书，是假的。你的浏览器没报警吗？？

诶奇怪，刚才我手工 openssl ocsp 查询是 bad request
不过用上面 @zsj950618 提供的 crt.sh 检查 ocsp 是正常的

证书里包含不只京东的域名，如果证书还是真的，那这就是个 CDN 节点了。

把 DNS 换下哦...别用自动获取的

@julyclyde 就是 CDN 节点啊。感觉是 CDN 回源时的问题。

今天没有这个情况了。可能他们改好了吧。

@mcree 我也郑州访问购物网站总是跳转，还以为是系统的问题那