A SUPL request contains your IMSI as session id, a rough location estimate (i.e. your last position), the cell id of your current cellular connection, and of cause some IP address. The IP is not that interesting since it is most likely shared and temporary as your provider uses NAT at least for IPv4, but the IMSI is unique.
Not really. At the monent I’m using supl-proxy against a chinese SUPL server. This proxy replaces the IMSI in requests before forwarding to the real server and reverts the change on the way back. The SUPL provider only sees the spoofed IMSI (something starting with 26201, i.e. German Telekom).
You only need a host with a reasonably new Python3 that is reachable from the internet and change gps.cont to point to it. You could of cause also use eierkopp.ddnss.org:7275, but that means not the Chinese spying on you but me.