[Bob Hanson]
... magnifying glass, I see it is two very long URLs ending with something like after the blah-blah: < ... akametechnology.com>
[Stephen J. Turnbull]
I suppose you tried cutting and pasting? Note that you don't need to be exact as long as you're pretty sure you got the whole thing -- your readers who have better eyesight can parse out the URL easily enough.
I don't think this was cut 'n paste. Looking up the IP addresses returns legit Akamai URLs:
More precisely, these two IP addresses: 23.59.190.113:80 23.59.190.106:80
C:\Code>ping -a 23.59.190.113 Pinging a23-59-190-113.deploy.static.akamaitechnologies.com [23.59.190.113] with 32 bytes of data: ... C:\Code>ping -a 23.59.190.106 Pinging a23-59-190-106.deploy.static.akamaitechnologies.com [23.59.190.106] with 32 bytes of data: ... Bob's "< ... akametechnology.com>" just looks like compounded typos.
... So your alarm seems to be verified, but why this happened to a Python download I don't know. It could be DNS hacking between you and python.org, as well as something in the Python MSI.
Honestly, for all we _know_, this firewall alert may have been triggered by some other program that just happened to wake up while Bob was installing Python. Sure, that's unlikely. But so is everything else about this ;-)