The network was down for some reason last night. After it was restored this morning, I continued my work.
I was writing an HTML waterfall flow layout. Lan Hou opened it this morning and saw, what, the waterfall flow effect was good yesterday[Looking confused]
When being hijacked
Damn, what a disgusting advertisement
The probability of the pop-up window in the lower right corner appearing is about 1/10. Through Chrome Developer Tools, you can see that the original web page is placed in an iframe and injected with flash ads.
Verify that the browser address bar still contains the correct domain name and has not been redirected. This means that it can only be caused by DNS hijacking. The content returned by the domain name is not a page from the website, but a processed page.
Then I threw the code into the vps and tested it, and it was ok.
At this point, it can be confirmed that the operator DNS is hijacked and advertisements are inserted, so that the returned content is placed in an iframe. The risks this may bring include: cross-domain attacks, keylogging, https certificate forgery, etc., which are more dangerous than ordinary phishing websites.
I have no choice but to modify the DNS.
Finally recovered
Finally, as to why the HTML code of my local file was also hijacked, it was because I called Baidu’s static resource public library, causing the returned js to be incorrect content.
Note: Since the article was published a year ago, the images have been lost