Bob Hanson writes: > On Sun, 5 Jan 2014 20:09:23 -0600, Tim Peters wrote: > > > As Benjamin asked, could you please flesh out what > > "blah-blah-blah-dot-com" means - what, exactly, was the site your > > firewall warned you about? > > Forgive me, but I'm an old man with very poor vision. Using my > magnifying glass, I see it is two very long URLs ending with > something like after the blah-blah: < ... akametechnology.com>
I suppose you tried cutting and pasting? Note that you don't need to be exact as long as you're pretty sure you got the whole thing -- your readers who have better eyesight can parse out the URL easily enough. > More precisely, these two IP addresses: > 23.59.190.113:80 > 23.59.190.106:80 Somebody who doesn't know the rules of capitalization (see ww1.akamitechnologies.com) appears to be spoofing Akamai (the web caching/distribution service used by President Obama among other prominent users). The domain referenced is presumably some variation on <IP address>.deploy.static.akamitechnologies.com (according to host <IP>), and the long URL is rooted at /ses/ so it's trying to convince you it's a session (whether that is actually true or not I don't know, that's just what I would guess if I were trying to reverse engineer an honest URL, which this sure doesn't seem to be). So your alarm seems to be verified, but why this happened to a Python download I don't know. It could be DNS hacking between you and python.org, as well as something in the Python MSI. HTH Steve _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
