We Keep Coding

scraping api protected by impreva

I want to scrape an api, protected by "impreva" society,they use X-D-token in request header , and visid_incap_ incap_ses_* in response header.
now with datacenter proxy I get 200 response each 50 429 http response. even if I use only one concurent request. but with residential proxy I get 200.
is there any solution to bypass this protection by using only datacenter proxy ?
this is the request :
GET /api/magasins/72/navigation-content/ HTTP/2
Host: api.cora.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/91.0.4472.114 Safari/537.36
Accept: application/vnd.api.v1+json
Accept-Language: fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Cache-Control: no-cache
Pragma: no-cache
Cora-Auth: apidrive
App-Id: 1
App-Signature: BROWSER;WEB;91.0.4472.114;;1.25.0;1;2;Chrome;1080;1920
X-D-Token: 3:R3wmbBvTR1D6vDBmzCLerA==:qzf5V/qwmQQShcP5/cFIjM/goahseigjk/Xs2H5btwW5kCw+nLSNStvZUdugaCm1WIVl4vGCwXFf8Te0GueaZV3koYe2oCe7YiDelKihZ5LSVVz3T6uNKMaOxpSFD+CIP6usg48ioqTCv/Wme5hdCQ8n7b5qR25xWKhFCYesCoYZnen2LHVOVnMWde6AkItRarRDG5IcEUW0XYyojX9i+XL6X3Mgnynvsb7l6wVVW4AruNE80MiLkSgo2XHlh3SBFArXBdBvvyKUpfRUGZokMqYDIS03w/ShB1OJ4KUfKs6Wu1hrNCZlY3N8RTE/S8oYAsjpagWzQwTuCTwCLtYv+48kvXRIihtHC1IQ5nRPsd7s4TuanGYsYDjm3CMaUpvA+pQIqLTiLUYdG+lIMfYXUpQpGOXC+2gF69yxyFQbtxpbluv7NsHELoaaLQHvoYKI:JA3UaEpTRK6Wjf6b6yXbvJ28p7vjimPImMsmAN8GEmI=
Uuid: 2bb3d0ad-04c1-485a-a98d-4ac3d753fd1b
Origin: https://www.cora.fr
Referer: https://www.cora.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Te: trailers
this is the response 429 :
HTTP/2 429 Too Many Requests
Date: Mon, 27 Sep 2021 13:08:36 GMT
Content-Type: application/json
Server: api.cora.fr
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.cora.fr
Vary: Origin
Set-Cookie: nlbi_2346747=ozjvaL0oPg66DB86rtkoMQAAAAA9QXZBJ+NCBIVB3SmXJNXF; path=/;
Domain=.cora.fr; Secure; SameSite=None
Set-Cookie:
visid_incap_2346747=70eYj3uqQcKlyni2K4A651PCUWEAAAAAQUIPAAAAAAD3srVYiHapPbOcjTfZu3h0;
expires=Tue, 27 Sep 2022 10:34:34 GMT; HttpOnly; path=/; Domain=.cora.fr; Secure;
SameSite=None
Set-Cookie:
incap_ses_1099_2346747=FIAFfin/tmOLYnuIJm9AD1PCUWEAAAAA/xhZaPz5UshGvjEiQfzp2w==;
path=/; Domain=.cora.fr; Secure; SameSite=None
X-Cdn: Imperva
X-Iinfo: 0-27795484-27795152 pNYN RT(1632748115671 0) q(0 0 0 0) r(1 1) U5
{"message": "429 Too Many Requests","429}
this is the header of response 200 :
HTTP/2 200 OK
Content-Type: application/json
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Mon, 27 Sep 2021 14:13:10 GMT
X-Ratelimit-Limit: 10
X-Ratelimit-Remaining: 9
X-Ratelimit-Reset:
Etag: W/"09af7903630eefe87a18365ff527e6917bac5da1"
Server: api.cora.fr
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.cora.fr
Vary: Origin
Set-Cookie:
nlbi_2346747=FsJOKpMDRQqeSktYrtkoMQAAAADB426mJ/c0BiDBDsyETwFU;
path=/; Domain=.cora.fr; Secure; SameSite=None
Set-Cookie: visid_incap_2346747=Dsbf9nV0RN+yazh0zGE893bRUWEAAAAAQUIPAAAAAAD6RV43J8UcxEZJHt07UrHN; expires=Tue, 27 Sep 2022 08:49:53 GMT; HttpOnly; path=/; Domain=.cora.fr; Secure; SameSite=None;
Set-Cookie: incap_ses_476_2346747=qsgAeXWGFRc+6OUn+BebBnbRUWEAAAAAimqhOCYEdQHug9mxUEC0wA==; path=/; Domain=.cora.fr; Secure; SameSite=None
X-Cdn: Imperva
X-Iinfo: 10-120722009-120615528 pNNN RT(1632751989673 0) q(0 0 0 -1) r(4 4) U5

New to VBA : MSXML2.XMLhttp strips session cookies from POST response

I am very new to VBA and trying to scrape through a website. So far I have been able to get cookies from initial get request and use them in POST for a successful login. The next step is to capture the session and user cookies and use them in the subsequent requests.
Unfortunately, this is where my problem begins.
Post successful login I am using .getAllResponseHeaders() to capture all headers but it seems the two cookies (Set-Cookie: xf_user AND Set-Cookie: xf_session) are missing and hence I am not able to capture them for later use. For comparison and easier understanding, I am posting the fiddler (correct) response and response captured by vba (incorrect).
I am not sure what am I doing wrong. Please suggest any options, I am happy to take an alternate approach. I am sure I am very close to success, just need your expert advice.
Fiddler Response
HTTP/1.1 303 See Other
Date: Thu, 30 Apr 2020 04:55:14 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Apr 2020 04:55:24 GMT
Location: https://f95zone.to/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, max-age=0
Set-Cookie: xf_user=19872%2CUsOoxkBS4bzvLttbYhWkicE-JFQ-vBWo2L68LEVS; expires=Fri, 30-Apr-2021 04:55:24 GMT; Max-Age=31536000; path=/; secure; HttpOnly
Set-Cookie: xf_session=nlJRIrZOrbAiQGVAo_wRJhDSKBsy7wKz; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=15768000
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 58beab553a76fea5-MEL
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 026b0969420000fea583bd8200000001
Content-Length: 0
VBA Response
date: Thu, 30 Apr 2020 13:47:02 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 13:47:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri=""https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct""
server: cloudflare
cf-ray: 58c1b6504d3dfe8d-MEL
alt-svc: h3-27="":443""; ma=86400, h3-25="":443""; ma=86400, h3-24="":443""; ma=86400, h3-23="":443""; ma=86400
cf-request-id: 026cf0462f0000fe8d47804200000001
Snippet From My Code
Set objXMLHTTPSearch = CreateObject("MSXML2.XMLHTTP")
objXMLHTTPSearch.Open "POST", "https://f95zone.to/login/login", False
objXMLHTTPSearch.setRequestHeader "Accept", "text/html, application/xhtml+xml, image/jxr, */*"
objXMLHTTPSearch.setRequestHeader "Accept -Language", "en -US"
objXMLHTTPSearch.setRequestHeader "User-Agent", "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
objXMLHTTPSearch.setRequestHeader "Content-type", "application/x-www-form-urlencoded"
objXMLHTTPSearch.setRequestHeader "Accept -Encoding", "gzip , deflate"
objXMLHTTPSearch.setRequestHeader "Host", "f95zone.to"
objXMLHTTPSearch.setRequestHeader "Content-Length", Len(dataSTR)
objXMLHTTPSearch.setRequestHeader "Connection", "Keep -Alive"
objXMLHTTPSearch.setRequestHeader "cache -Control", "no-cache"
objXMLHTTPSearch.withCredentials = True
objXMLHTTPSearch.send dataSTR
statusSearch = objXMLHTTPSearch.status
fetchHeader = objXMLHTTPSearch.getAllResponseHeaders()

Sending POST Requests using Postman(Chrome plugin), but receiving GET request-why?

I'm sending a POST request via POSTMAN, but my server (WebServer) is receiving it as a GET request - can anyone think why this can happen? Here is some info from postman (part of the URL/hostnames annonymised):
POST /blaa/DescriptionEntities/description HTTP/1.1
Host: blaaa
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Postman-Token: 3901995b-78a0-598f-40d2-83b09e09d12e
id=20&description=hi
The code:
#POST
#Path("description")
#Consumes(MediaType.APPLICATION_FORM_URLENCODED)
#Produces({MediaType.APPLICATION_JSON,MediaType.APPLICATION_XML})
public DescriptionEntity createDescriptionEntity(MultivaluedMap<String,String>map){
System.out.println(map.getFirst("id"));
System.out.println(map.getFirst("description"));
return null;
}
The Server (WebSphere):
No operation matching request path "/blaa/DescriptionEntities/description" is found, Relative Path: /description, HTTP Method: GET, ContentType: */*, Accept: */*,. Please enable FINE/TRACE log level for more details-is anyone able to kindly help here.
Not sure how to set the log level here either(I'm new to this).The relative path at the class level is "DescriptionEntities" Thanks so much.
EDIT- this is the whole class (minus import statements-it's completely experimental and ignore non related errors):
#Path("DescriptionEntities")
public class DescriptionEntityResource {
private DescriptionEntityRepository descriptionEntityRepository=new DescriptionEntityRepository();
#Path("description")
#POST
#Consumes(MediaType.APPLICATION_FORM_URLENCODED)
#Produces({MediaType.APPLICATION_JSON,MediaType.APPLICATION_XML})
public DescriptionEntity createDescriptionEntity(MultivaluedMap<String,String>map){
System.out.println(map.getFirst("id"));
System.out.println(map.getFirst("description"));
return null;
}
}
And the URL in Postman: http://blaa/DescriptionEntities/Description
EDIT: Server.xml
<server description="new server">
<!-- Enable features -->
<featureManager>
<feature>jndi-1.0</feature>
<feature>json-1.0</feature>
<feature>localConnector-1.0</feature>
<feature>appSecurity-2.0</feature>
<feature>ssl-1.0</feature>
<feature>servlet-3.1</feature>
<feature>jaxrs-2.0</feature>
<feature>jpa-2.1</feature>
<feature>jsf-2.2</feature>
<feature>jsp-2.3</feature>
</featureManager>
<httpEndpoint host="*" httpPort="80" httpsPort="443" id="defaultHttpEndpoint" sslOptionsRef="endpointSSLOptions"/>
<sslOptions id="endpointSSLOptions" sslRef="endpointSSL"/>
<ssl enabledCiphers="TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 " id="endpointSSL" keyStoreRef="customKeyStore"/>
<keyStore id="defaultKeyStore" password="annonymised"/>
<basicRegistry/>
<mimeTypes>
<type>svg=image/svg+xml</type>
</mimeTypes>
<httpSession useContextRootAsCookiePath="true" cookieSecure="true" />
<logging consoleLogLevel="INFO"/>
<applicationMonitor updateTrigger="mbean"/>
<webApplication id="annonymised" location="annonymised" name="annonymised"/>
EDIT: Network traffic (using fiddler):
POST /blaa/DescriptionEntities/description HTTP/1.1
Host: blaa
Connection: keep-alive
Content-Length: 20
Cache-Control: no-cache
Origin: chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
EDIT: The GET request:
GET /blaa/DescriptionEntities/description HTTP/1.1
Host: blaa
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Accept: */*
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8
Cookie: IBMISP=b645ef125eca11e6aeed1341c031a83e- b645ef125eca11e6aeed1341c031a83e-0801740c1b0bc161a63c23e998bba6ec; CoreM_State=83~-1~-1~-1~-1~3~3~5~3~3~7~7~|~~|~~|~~|~||||||~|~~|~~|~~|~~|~~|~~|~~|~; CoreM_State_Content=6~|~~|~|; optimizelyEndUserId=oeu1470813611355r0.3187708418093793; ajs_user_id=null; ajs_group_id=null; amplitude_idibm.com=eyJkZXZpY2VJZCI6Ijk0ZGZlZWE0LTg4NjEtNDMzNi04Yzk5LWMyZWMwNjMxOGZmNFIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTQ3MDgxMzY4MDQ4MCwibGFzdEV2ZW50VGltZSI6MTQ3MDgxMzY4MDQ5MCwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjJ9; ajs_anonymous_id=%22b645ef125eca11e6aeed1341c031a83e%22; intercom-id=19922b40-fb41-4744-9dfb-89d6875c0294; UnicaNIODID=enSkfJ02Gh7-Z3dNjvn; optimizelySegments=%7B%222753990332%22%3A%22gc%22%2C%222757810742%22%3A%22search%22%2C%222762380326%22%3A%22false%22%2C%223081321317%22%3A%22none%22%2C%223855873690%22%3A%22referral%22%2C%223859505928%22%3A%22none%22%2C%223860673668%22%3A%22gc%22%2C%223861195110%22%3A%22false%22%7D; optimizelyBuckets=%7B%7D; cvo_sid1=EEHN9V3GC6UB; cvo_tid1=BF-jgeF2_Y4|1470813613|1471260957|0; mmcore.tst=0.794; mmapi.store.p.0=%7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%22mmid%22%3A%221502797170504%7C%5C%22716298243%7CCgAAAApStaCTtQ0AAA%3D%3D%5C%22%22%2C%22pd%22%3A%221502797170506%7C%5C%22-1893569528%7CCgAAAAoBQlK1oJO1DfyoSkgDAOpF09EAxdNIDwAAABoXwicJwdNIAAAAAP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAZEaXJlY3QBtQ0DAAAAAAAAAAAAAP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwAAAAAAAUU%3D%5C%22%22%2C%22srv%22%3A%221502797170510%7C%5C%22ldnvwcgus01%5C%22%22%7D%7D; __auc=f59597cf1567352a7c8a1f92cde; _ga=GA1.2.1447575942.1471939647; CoreID6=67988125510914708136127&ci=50200000|Bluemix_51040000|IBMTESTW3_51040000|HR_50200000|IBM_GlobalMarketing_50200000|devwrkscon_50200000|ESTKCS_50200000|DWNEXT; utag_main=v_id:01567352a47a000fc70d49709b1a04072002b06a00718$_sn:4$_ss:0$_st:1471941446924$dc_visit:4$_pn:7%3Bexp-session$ses_id:1471937020076%3Bexp-session$dc_event:19%3Bexp-session$dc_region:eu-central-1%3Bexp-session$ttd_uuid:f57e787f-a10b-48bc-833c-add2cf0e063d%3Bexp-session; 50200000_clogin=v=1&l=1471937020&e=1471941448777
EDIT: I have purged this little test project for now as I can't figure out what's wrong. I may try another time a little further down the line. Still curious as to what went wrong though so let me know if you spot anything obvious. Thanks everyone

MVC4 OpenID Provider Action is not invoked as per URI in XRDS

I am trying to develop an OpenID Provider for Single Sign On capability in my company. I have little experience with either MVC 4 or the DotNetOpenAuth library.
I am trying to build the provider based on the examples downloaded from http://www.dotnetopenauth.net/site.
My provider is not invoked by the relying party but it does not invoke the URI mentioned in the Xdrs. The URI is being formed as
http://localhost:54589/OpenId/provider
but the action for this url (the Provider action) is not being invoked. If I access this URL directly from the browser then it shows the view in the browser.
Below is the Xrds
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
xmlns:xrds="xri://$xrds"
xmlns:openid="http://openid.net/xmlns/1.0"
xmlns="xri://$xrd*($v*2.0)">
<XRD>
<Service priority="10">
<Type>http://specs.openid.net/auth/2.0/server</Type>
<Type>http://openid.net/extensions/sreg/1.1</Type>
<Type>http://axschema.org/contact/email</Type>
<URI>http://localhost:54589/OpenId/Provider</URI>
</Service>
</XRD>
</xrds:XRDS>
I am not sure whether this is an MVC problem OR I am not using DotNetOpenAuth correctly.
Update
On Debugging I found that my MVC razor Xrds.cshtml is being called but the relying party does not redirect to the URI exist in Xrds. I also made sure that I am setting the Request.ContentType as application/Xrds+xml. Below is my code
public ActionResult Index()
{
if (Request.AcceptTypes.Contains("application/xrds+xml"))
{
ViewData["OPIdentifier"] = true;
return RedirectToAction("Xrds");
}
return View();
}
public ActionResult Xrds()
{
ViewData["OPIdentifier"] = true;
Response.ContentType = "application/xrds+xml";
return View("Xrds");
}
When I see the request and response in Fiddler, it come back with result 200 where it should be 302.
Does this mean that the xrds is not going back to relying party in proper format?
Here the fiddler trace
GET http://localhost:4856/login.aspx?ReturnUrl=%2fMembersOnly%2fDefault.aspx HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://localhost:4856/
Accept-Language: en-GB
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: localhost:4856
Connection: Keep-Alive
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcVXNlcnNcbWFoZXNoLmNoYXVkaGFyaVxEb3dubG9hZHNcRG90TmV0T3BlbkF1dGgtNC4yLjIuMTMwNTVcRG90TmV0T3BlbkF1dGgtNC4yLjIuMTMwNTVcU2FtcGxlc1xPcGVuSWRSZWx5aW5nUGFydHlXZWJGb3Jtc1xsb2dpbi5hc3B4?=
X-Powered-By: ASP.NET
Date: Mon, 11 Mar 2013 08:59:07 GMT
Content-Length: 9430
------------------------------------------------------------------
POST http://localhost:4856/login.aspx?ReturnUrl=%2fMembersOnly%2fDefault.aspx HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://localhost:4856/login.aspx?ReturnUrl=%2fMembersOnly%2fDefault.aspx
Accept-Language: en-GB
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: localhost:4856
Content-Length: 964
Connection: Keep-Alive
Pragma: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcVXNlcnNcbWFoZXNoLmNoYXVkaGFyaVxEb3dubG9hZHNcRG90TmV0T3BlbkF1dGgtNC4yLjIuMTMwNTVcRG90TmV0T3BlbkF1dGgtNC4yLjIuMTMwNTVcU2FtcGxlc1xPcGVuSWRSZWx5aW5nUGFydHlXZWJGb3Jtc1xsb2dpbi5hc3B4?=
X-Powered-By: ASP.NET
Date: Mon, 11 Mar 2013 08:59:14 GMT
Content-Length: 10382

So nginx is not interpreting folded headers correctly?

HTTP/1.1 header field values can be
folded onto multiple lines if the
continuation line begins with a space
or horizontal tab. All linear white
space, including folding, has the same
semantics as SP. A recipient MAY
replace any linear white space with a
single SP before interpreting the
field value or forwarding the message
downstream.(quoted from here)
Here's my server side script,which just dumps the cookie content:
var_dump($_COOKIE);exit;
Here comes my test,please pay attention to the cookie part:
GET /logtest.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.17) Gecko/20110420 AlexaToolbar/alxf-2.11 Firefox/3.6.17
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Cookie: A=t;
artDate=t
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: iis/8.0
Date: Mon, 23 May 2011 12:38:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.3.2
Set-Cookie: ZDEDebuggerPresent=php,phtml,php3; path=/
27
array(1) {
["A"]=>
string(1) "t"
}
0
GET /logtest.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.17) Gecko/20110420 AlexaToolbar/alxf-2.11 Firefox/3.6.17
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Cookie: A=t;
artDate=t
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: iis/8.0
Date: Mon, 23 May 2011 12:38:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.3.2
Set-Cookie: ZDEDebuggerPresent=php,phtml,php3; path=/
27
array(1) {
["A"]=>
string(1) "t"
}
0
GET /logtest.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.17) Gecko/20110420 AlexaToolbar/alxf-2.11 Firefox/3.6.17
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Cookie: A=t;artDate=t
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: iis/8.0
Date: Mon, 23 May 2011 12:38:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.3.2
Set-Cookie: ZDEDebuggerPresent=php,phtml,php3; path=/
47
array(2) {
["A"]=>
string(1) "t"
["artDate"]=>
string(1) "t"
}
0

It's a known issue that doesn't have a high priority.