NOOB question: Does https hide the prefix of an URL?

5 Antworten [Letzter Beitrag]
GNUser
Offline
Beigetreten: 07/17/2013

When visiting:

https://abcd.example.com/123456

Does my ISP only sees "example.com" or "abcd.example.com"?
And is there any way for them to see the "123456" part of it?

My device in question only supports TLS 1.2 (as well as 1.1 and 1.0, which I can't seem to disable).

Thanks.

Beko
Offline
Beigetreten: 08/31/2019

I believe that https only encrypts the information being passed to the website, not the URL itself. I'm not an expert but it is my understanding that information that you enter, e.g a credit card number or home address is what is encrypted.

If you are worried about ISP spying or tracking, you should also change your DNS to something other than the ISP default. Your ISP can spy on you with your DNS lookups.

If your threat level is higher and you need to hide the website that you are visiting, then a VPN will definitely help you hide from your ISP. However this only moves the problem around because then the VPN essentially has the information that the ISP would have had. An 'enemy' with the resources to either steal or force logs from a VPN will have access to the same information, plus the VPN may be selling that data to Facebook or Google you never know.

Best of the best is TOR of course, albeit slow as all hell.

GNUser
Offline
Beigetreten: 07/17/2013

I use Tor 90% of the time, but there is a specific use-case where I cannot use it.
I am going to use a VPN, but I also want to try and restrain the amount of information I am giving to the VPN provider.
I was considering using a website like Snopyta which provides multiple services under the same main URL (invidious.snopyta, nitter.snopyta, bibliogram.snopyta, etc etc). However I am unsure if the VPN will still be able to see which sub-domain I am using... Hence my question.

Also, since you mentioned it, the VPN I am using doesn't leak DNS requests, I tested it in browserleaks.com
However I am unsure if it would be worth it to use a different DNS other than their own. I mean, there is not much gain in it, since they can see which website I am accessing anyway right?

Beko
Offline
Beigetreten: 08/31/2019

I am not the best person to answer your questions.. I'm just parroting what I've seen elsewhere while trying to have better OPSEC.

>However I am unsure if the VPN will still be able to see which sub-domain I am using... Hence my question.

What I wrote is about the extent of my knowledge maybe someone else might be able to help you out.

GNUser
Offline
Beigetreten: 07/17/2013

Thanks anyway for the help.
Let's wait that someone who knows about these things can clarify it for us both :)

liberpoolesque
Offline
Beigetreten: 01/07/2020

Let's say the address you want to visit is https://mywebsite.example.com/path/to/file.html.
The hostname is "mywebsite.example.com" and the file path is "/path/to/file.html".
To visit this address, your browser will first ask your configured DNS server which IP address is associated with the hostname "mywebsite.example.com". This lookup is usually unencrypted, so anyone between YOU and your DNS server can see the hostname.
Let's say the IP address associated with mywebsite.example.com is 1.2.3.4 , so your browser will connect to the IP 1.2.3.4 and send the HTTP request "GET /path/to/file.html". If you are using https, all HTTP requests are sent through the encrypted TLS channel, so the file path "/path/to/file.html" can't be seen by anyone else.
For your information: The hostname (mywebsite.example.com in this example) is sent to the target server (1.2.3.4 in this example) before the encrypted channel is created (this means that it is sent without encryption), so anyone between YOU and the target server can see which exact hostname you are connecting to, even if the target server hosts websites for many different hostnames.

When using a VPN service, replace "YOU" with "your vpn server". Anyone who isn't your VPN provider won't know who you are.

Your VPN provider (or, if you don't use a VPN, your ISP) will likely be able to see all domains (yes, including all subdomains) you are connecting to, but the file path ("/path/to/file.html" in the example above) will not be revealed as long as you are using https, assuming that the VPN software installed on your system does not contain malicious code.