pipishrimp's recent timeline updates

pipishrimp

V2EX member #417341, joined on 2019-05-31 22:50:50 +08:00

pipishrimp 提问技术话题好玩工作信息交易信息城市相关

pipishrimp's recent replies

Mar 18

Replied to a topic by NSAgold › 宽带症候群 › 部分 Cloudflare 的域名近期在大陆无法访问

我域名被分到 188.114.96.0 和 188.114.97.0 了，而且这两个 IP 在全国范围内都被封了端口

Feb 5

Replied to a topic by xyz3210 › 宽带症候群 › 近期境外访问中国网站

别用 ping 检测，ping 不通不代表不能访问，用 curl 指定 UA 可以成功
runner@runnervmkj6or:~$ curl www.txrjy.com
runner@runnervmkj6or:~$ curl -H "Host: www.txrjy.com" http://114.80.179.170
runner@runnervmkj6or:~$ curl -vk https://www.txrjy.com \
-H "User-Agent: Mozilla/5.0" \
--max-time 15
* Host www.txrjy.com:443 was resolved.
* IPv6: (none)
* IPv4: 114.80.179.170, 101.227.20.64, 101.227.20.65, 101.227.20.66, 101.227.20.67, 101.227.20.60
* Trying 114.80.179.170:443...
* Connected to www.txrjy.com (114.80.179.170) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / X25519 / RSASSA-PSS
* ALPN: server accepted http/1.1
* Server certificate:
* subject: CN=txrjy.com
* start date: Sep 17 00:00:00 2025 GMT
* expire date: Sep 16 23:59:59 2026 GMT
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=Encryption Everywhere DV TLS CA - G2
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* using HTTP/1.x
> GET / HTTP/1.1
> Host: www.txrjy.com
> Accept: */*
> User-Agent: Mozilla/5.0
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/1.1 301 Moved Permanently
< Server: Tengine
< Content-Type: text/html; charset=UTF-8
< Content-Length: 0
< Connection: keep-alive
< Date: Thu, 05 Feb 2026 07:05:56 GMT
< Set-Cookie: acw_tc=707c9f7717702751560381064e5e544bfe6da63acd2eac3b0d49aaf9f4ad56;path=/;HttpOnly;Max-Age=1800
< X-Frame-Options: SAMEORIGIN
< location: forum.php
< Strict-Transport-Security: max-age=31536000
< Via: cache41.l2cn7478[34,34,301-0,M], cache6.l2cn7478[35,0], cache1.cn3259[47,46,301-0,M], cache12.cn3259[49,0]
< Ali-Swift-Global-Savetime: 1770275156
< X-Cache: MISS TCP_MISS dirn:-2:-2
< X-Swift-SaveTime: Thu, 05 Feb 2026 07:05:56 GMT
< X-Swift-CacheTime: 0
< Timing-Allow-Origin: *
< EagleId: 7250b3a017702751560204684e
<
* Connection #0 to host www.txrjy.com left intact
runner@runnervmkj6or:~$

Jan 29

Replied to a topic by 383394544 › 宽带症候群 › 电信 5G 什么时候改成国内拜访地接入的？哪些省改了？

@koor 我家车的车联网，车机流量也是固定接入到重庆联通

Jan 29

Replied to a topic by crc8 › 宽带症候群 › 如何检测有没有省墙？

用自己的网络环境 curl --resolve www.facebook.com:80:61.170.77.86 http://www.facebook.com
其中 61.170.77.86 是上海的 IP ，也可以把 IP 换成其他的但不是自己省份的，在测试前要求这个 IP 可以响应任意 host 头，用来检测此 IP 是否 rst 不属于自己的 Host,例如 curl --resolve www.hwjajabmcdgw.com:80:61.170.77.86 http://www.hwjajabmcdgw.com,如果可以响应，404 也算
然后给这个省外 IP 发送黑名单 host ，如果被 RST 阻断，则说明存在省墙

Jul 23, 2025

Replied to a topic by abchendai00 › 宽带症候群 › 针对 x.com 在国内访问情况一个有趣的发现

GFW 不敢墙 CF 的 IP 加端口，一般都是看到 TLS 里面的域名如果在黑名单里就 tcp 重置

Jan 8, 2025

Replied to a topic by crc8 › 宽带症候群 › 人在潮汕， IP 在广州。

@initialsky 深圳长城宽带甚至可以给你穿透到长沙移动再出去

Nov 9, 2024

Replied to a topic by liuhaibin › 宽带症候群 › 为什么中国三家不去国外买或租公网 IPV4，国外好多大量闲置

@xyz3210 如果只是为了上网，NAT4 比 NAT1 更省 IP?

Nov 20, 2023

Replied to a topic by amyw495062 › 宽带症候群 › nat4 的网络没办法 ZeroTier 穿透，有什么更好的解决方案

@allplay #7 联通电信不知道，反正移动卡流量给的 v6 禁止入站连接