异常来源特征如下:
来源用户名统一都是三个字组成的看起来是真实姓名
用户头像大多是卡通头像
用户来源客户端设备统一是 iphone 6 ios10.0.1
用户信息
{"nickName":"陈益*","userId":"54018862462955****"}
客户端信息
{"model":"iPhone6","windowWidth":375,"windowHeight":667,"language":"zh-CN","screenWidth":375,"screenHeight":667,"pixelRatio":1,"version":"6.6.0","statusBarHeight":20,"system":"iOS 10.0.1","brand":"iPhone","fontSizeSetting":16,"platform":"ios","SDKVersion":"2.5.0"}
甚至还有客户转发出来的小程序被这类用户直接访问,
因为记录了转发人的userId,所以后台显示是来自客户的转发
但是实际上客户没有转发给这个用户
怀疑微信后台会访问用户转发出来的小程序导致的
在后台查了对应用户的访问轨迹,也很诡异
比如从A页面跳转到A页面,但是实际上页面不存在这类跳转
下面某个这类用户的访问轨迹,注意10:41:54的记录,两次跳转发生在同一秒钟,而且进入参数也不同(下面的记录是把参数过滤掉了的)
{"time":"10:41:36","event":{"page":"/","event":"app_show"}}
{"time":"10:41:37","event":{"page":"pages/load/load","event":"page_load"}}
{"time":"10:41:37","event":{"page":"pages/load/load","event":"page_show"}}
{"time":"10:41:43","event":{"page":"pages/load/load","event":"page_reachBottom"}}
{"time":"10:41:44","event":{"page":"pages/load/load","event":"page_shareApp"}}
{"time":"10:41:47","event":{"page":"pages/load/load","event":"page_unload"}}
{"time":"10:41:47","event":{"page":"pages/tab/card/card","event":"page_load"}}
{"time":"10:41:47","event":{"page":"pages/tab/card/card","event":"page_show"}}
{"time":"10:41:51","event":{"page":"pages/tab/card/card","event":"page_shareApp"}}
{"time":"10:41:54","event":{"page":"pages/tab/card/card","event":"page_unload"}}
{"time":"10:41:54","event":{"page":"pages/tab/card/card","event":"page_load"}}
{"time":"10:41:54","event":{"page":"pages/tab/card/card","event":"page_show"}}
{"time":"10:41:59","event":{"page":"pages/tab/card/card","event":"page_shareApp"}}
{"time":"10:42:02","event":{"page":"pages/tab/card/card","event":"page_load"}}
{"time":"10:42:02","event":{"page":"pages/tab/card/card","event":"page_show"}}
{"time":"10:42:02","event":{"page":"pages/tab/card/card","event":"page_unload"}}
{"time":"10:42:08","event":{"page":"pages/tab/card/card","event":"page_shareApp"}}
审核机器人~
你知道太多了
。。。要灭口么~
真的吗?这类访问数据有点坑啊?有办法过滤掉吗?
好像规律是没有性别信息~其它的自行根据其它信息判断吧,不过随时都有可能改~
审核机器人是不会一直不变,防止有人为了绕过审核故意屏蔽做一些非正常操作。
客户转发出来的小程序也会被机器人访问吗?否则怎么会这么巧,机器人刚好带上客户的userId参数进行访问?