Saturday, October 19, 2013

So I tried to log on to www.healthcare.gov... Part 2

After the findings of my previous post, I did a bit of investigation.

$ dig -t a www.healthcare.gov

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -t a www.healthcare.gov
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15412
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.healthcare.gov.        IN    A

;; ANSWER SECTION:
www.healthcare.gov.    900    IN    CNAME    www.healthcare.gov.edgekey.net.
www.healthcare.gov.edgekey.net.    900 IN    CNAME    e7393.dscb.akamaiedge.net.
e7393.dscb.akamaiedge.net. 20    IN    A    23.8.39.205

;; Query time: 102 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Fri Oct 18 23:33:17 2013
;; MSG SIZE  rcvd: 132

After speaking with Akamai support, it turns out that the ban list I'm hitting is controlled by their customers. After some delving back into the past, I think what happened is that when I tried to run a Tor exit node about a year ago, my static IP was flagged for posting some spam comments to a blog, and maybe some other things.

I'm afraid I scared the first-level support woman I spoke with. I'm pretty sure she was trained to deal with questions like "How do I create a username?" or "What's a deductible?" When I came at her with, "I'm trying to log in from a static IP and it looks like I'm on some sort of banned list. Can you do anything to let me in?" she sounded like a deer in the headlights.

At any rate, I still wonder what the IRS will say when I show them these screenshots. I can give them Wireshark traces too.
