chenshaoju/gist:567b0f5241cb33345c1b Secret

## gistfile1.txt
抓包结果１：https://www.cloudshark.org/captures/a6b8f70399e9 （GFW模拟用的IP是210.76.206.145，58.215.29.2为我的公网出口IP。）
日志１:
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/ HTTP/1.1" 304 3257 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/print.css HTTP/1.1" 304 234 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/themes/pmahomme/jquery/jquery-ui-1.8.custom.css HTTP/1.1" 304 3007 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/cross_framing_protection.js?ts=1344778698 HTTP/1.1" 304 3006 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/jquery/jquery-1.4.4.js?ts=1344778698 HTTP/1.1" 304 3008 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/update-location.js?ts=1344778698 HTTP/1.1" 304 3006 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/functions.js?ts=1344778698 HTTP/1.1" 304 235 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/jquery/jquery.qtip-1.0.0.min.js?ts=1344778698 HTTP/1.1" 304 235 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/themes/pmahomme/img/logo_right.png HTTP/1.1" 304 212 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/themes/pmahomme/img/b_help.png HTTP/1.1" 304 211 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/themes/pmahomme/img/input_bg.gif HTTP/1.1" 304 210 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
210.76.206.145 - - [15/Apr/2014:07:04:56 +0000] "GET / HTTP/1.1" 200 4909 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"


抓包结果２：https://www.cloudshark.org/captures/558105d7bc06 （GFW模拟用的IP是119.4.47.47，58.215.29.2为我的公网出口IP。）
日志２：
58.215.29.2 - - [15/Apr/2014:06:34:04 +0000] "POST /phpmyadmin/index.php HTTP/1.1" 302 0 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
58.215.29.2 - - [15/Apr/2014:06:34:05 +0000] "GET /phpmyadmin/index.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
58.215.29.2 - - [15/Apr/2014:06:34:05 +0000] "GET /phpmyadmin/js/common.js?ts=1344778698 HTTP/1.1" 304 0 "https://xxx.com/phpmyadmin/index.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
58.215.29.2 - - [15/Apr/2014:06:34:05 +0000] "GET /phpmyadmin/navigation.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/index.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
58.215.29.2 - - [15/Apr/2014:06:34:05 +0000] "GET /phpmyadmin/main.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/index.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
58.215.29.2 - - [15/Apr/2014:06:34:06 +0000] "GET /phpmyadmin/phpmyadmin.css.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&js_frame=left&nocache=5440059238 HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/navigation.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
58.215.29.2 - - [15/Apr/2014:06:34:06 +0000] "GET /phpmyadmin/phpmyadmin.css.php?server=1&token=115ae0bbf1f2bc3a8dc0cfa2446b5060&js_frame=right&nocache=5440059238 HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/main.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
58.215.29.2 - - [15/Apr/2014:06:34:06 +0000] "GET /phpmyadmin/js/messages.php?lang=zh_CN&db=&token=115ae0bbf1f2bc3a8dc0cfa2446b5060 HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/main.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
119.4.47.47 - - [15/Apr/2014:06:34:02 +0000] "GET / HTTP/1.1" 200 4909 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
//此日志很奇怪，为什么119.4.47.47比我访问要快，但是日志记录却在后面？
	抓包结果１：https://www.cloudshark.org/captures/a6b8f70399e9 （GFW模拟用的IP是210.76.206.145，58.215.29.2为我的公网出口IP。）
	日志１:
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/ HTTP/1.1" 304 3257 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/print.css HTTP/1.1" 304 234 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/themes/pmahomme/jquery/jquery-ui-1.8.custom.css HTTP/1.1" 304 3007 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/cross_framing_protection.js?ts=1344778698 HTTP/1.1" 304 3006 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/jquery/jquery-1.4.4.js?ts=1344778698 HTTP/1.1" 304 3008 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/update-location.js?ts=1344778698 HTTP/1.1" 304 3006 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/functions.js?ts=1344778698 HTTP/1.1" 304 235 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/js/jquery/jquery.qtip-1.0.0.min.js?ts=1344778698 HTTP/1.1" 304 235 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/themes/pmahomme/img/logo_right.png HTTP/1.1" 304 212 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/themes/pmahomme/img/b_help.png HTTP/1.1" 304 211 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	58.215.29.2 - - [15/Apr/2014:07:04:44 +0000] "GET /phpmyadmin/themes/pmahomme/img/input_bg.gif HTTP/1.1" 304 210 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
	210.76.206.145 - - [15/Apr/2014:07:04:56 +0000] "GET / HTTP/1.1" 200 4909 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"


	抓包结果２：https://www.cloudshark.org/captures/558105d7bc06 （GFW模拟用的IP是119.4.47.47，58.215.29.2为我的公网出口IP。）
	日志２：
	58.215.29.2 - - [15/Apr/2014:06:34:04 +0000] "POST /phpmyadmin/index.php HTTP/1.1" 302 0 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
	58.215.29.2 - - [15/Apr/2014:06:34:05 +0000] "GET /phpmyadmin/index.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
	58.215.29.2 - - [15/Apr/2014:06:34:05 +0000] "GET /phpmyadmin/js/common.js?ts=1344778698 HTTP/1.1" 304 0 "https://xxx.com/phpmyadmin/index.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
	58.215.29.2 - - [15/Apr/2014:06:34:05 +0000] "GET /phpmyadmin/navigation.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/index.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
	58.215.29.2 - - [15/Apr/2014:06:34:05 +0000] "GET /phpmyadmin/main.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/index.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
	58.215.29.2 - - [15/Apr/2014:06:34:06 +0000] "GET /phpmyadmin/phpmyadmin.css.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&js_frame=left&nocache=5440059238 HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/navigation.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
	58.215.29.2 - - [15/Apr/2014:06:34:06 +0000] "GET /phpmyadmin/phpmyadmin.css.php?server=1&token=115ae0bbf1f2bc3a8dc0cfa2446b5060&js_frame=right&nocache=5440059238 HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/main.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
	58.215.29.2 - - [15/Apr/2014:06:34:06 +0000] "GET /phpmyadmin/js/messages.php?lang=zh_CN&db=&token=115ae0bbf1f2bc3a8dc0cfa2446b5060 HTTP/1.1" 200 0 "https://xxx.com/phpmyadmin/main.php?token=115ae0bbf1f2bc3a8dc0cfa2446b5060&phpMyAdmin=9op30d9u273sh95d38t564516qko6n0v" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
	119.4.47.47 - - [15/Apr/2014:06:34:02 +0000] "GET / HTTP/1.1" 200 4909 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
	//此日志很奇怪，为什么119.4.47.47比我访问要快，但是日志记录却在后面？