访问不存在的域名被劫持

bx45 · 发表于 2022-3-16 12:11:32

root@mad2:~# ping lg.mad2.hosthat423ch2.com
PING cs.wangxin.com (154.85.62.49) 56(84) bytes of data.
64 bytes from 154.85.62.49 (154.85.62.49): icmp_seq=1 ttl=114 time=229 ms
64 bytes from 154.85.62.49 (154.85.62.49): icmp_seq=2 ttl=114 time=228 ms
64 bytes from 154.85.62.49 (154.85.62.49): icmp_seq=3 ttl=114 time=228 ms
64 bytes from 154.85.62.49 (154.85.62.49): icmp_seq=4 ttl=114 time=229 ms

ping不存在的域名全部到这个ip 这是被劫持了吗
http页面全部跳转到'http://www.wangxin.com/'

灌水王 · 发表于 2022-3-16 12:11:46

digital-vm马德里机房的vps

wangfeng · 发表于 2022-3-16 12:12:08

运营商也会跳转到一些网址导航

max6000 · 发表于 2022-3-16 12:12:16

看域名吓我一跳，我以为是某部门

bererfd · 发表于 2022-3-16 12:13:11

root@mad2:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:16:3c:31:2c:31 brd ff:ff:ff:ff:ff:ff
inet 5.111.111.173/25 brd 5.111.111.255 scope global eth0
valid_lft forever preferred_lft forever

root@mad2:~# arp -a
irb-0.agg1v.mad1.es.m247.com (5.111.111.130) at 08:b2:58:c7:15:00 [ether] on eth0
? (5.111.111.129) at 00:00:5e:00:01:04 [ether] on eth0

是不是机房被arp劫持