Outgoing network connections made by CCC

Product: 
ccc5

If you're using an application firewall such as Little Snitch, you will see several outgoing network connections coming from CCC. We explain below what connections you should expect to see, and also explain why some connections that look unexpected are simply misreported by Little Snitch.

Ordinary activity

CCC will make external network connections for the following activity:

  • † When you launch CCC and it is a scheduled time to check for a software update (bombich.com and mc.bombich.com)
  • † When anonymous application usage statistics are submitted to Paddle (via the "CCC Stats Service" to paddleapi.com and paddle.com)
  • When you submit a ticket to our help desk (mew.bombich.com and carboncopycloner.zendesk.com)
  • When you view the documentation (which takes you to our website, bombich.com)
  • When you visit our store (which also takes you to our website, bombich.com and our sales vendor, sites.fastspring.com)
  • If you have set up email notifications for completed tasks
  • If your backup task specifies a network volume or remote Macintosh as the source or destination

† These activities are enabled only upon your assent when you first launch CCC, and can be suppressed any time later via the Software Update section of CCC's Preferences window. No personal data, nor personally-identifiable data is ever sent to these services.

When you view the documentation via CCC, you connect to bombich.com just as you would in your web browser. Like most websites, bombich.com connects to other domains for certain purposes. We use Content Delivery Networks (CDNs) to serve our static content, such as file downloads, images, styling, fonts, and so on. The CDNs we use are bootstrapCDN (which is hosted by maxCDN) for styling, jquery and fastly for scripts, Google for fonts, Rackspace (rackcdn, hosted by akamai) for files and images, and NewRelic for performance and uptime monitoring (nr-data.net, newrelic.com). CDNs not only provide powerful servers, they also have servers around the world and pick the one nearest to the user so that content can be delivered faster.

FastSpring is our e-commerce partner that handles everything to do with pricing and purchasing. If you go to our store, you are directed to their website. They use Cloudfront, Amazon's CDN service, to host some of their static content.

Why does Little Snitch indicate that CCC is connecting to google.com and other unrelated-seeming domains?

When CCC connects to any server, Little Snitch (or any monitor) sees the IP address only. It then makes a guess as to the domain name associated with that connection, which makes it much easier for the user to recognize. Because CDNs are used to serve files for hundreds of different websites and companies, everything is very interconnected, and sometimes an IP address has dozens of different domain names associated with it. You can actually see Little Snitch's other possible guesses by clicking the domain name in bold in the Little Snitch window:

Little Snitch CND guesses

It could pull any host name from the list, and we don't know what algorithm Little Snitch uses to decide which one to choose.

The result: google.ca, google.com, googleapis.com, and ytimg.com are all domains associated with Google's servers. We aren't actually connecting to all these domains, but when we connect to Google Web Fonts, for example, we're accessing some of the same servers.

You can view a list of the CDNs that we use here (and also look at any other websites you are curious about). This forum post at the ObDev website describes a similar report of the same problem (unrelated to CCC): Little Snitch showing wrong host name for IP.