Has anybody encountered the situation when the same user from the same session ID and the same browser requested 2 different scripts on the same webserver inside the duration of 30 sec from two different IP addresses thorugh HTTPS?
Is it viable/normal situation?
Yes, it's normal. ISPs, particularly AOL and mobile providers, can route traffic through different proxies which will change the IP address of a user as they surf the web. Users using a proxy server can also experience this. This is why depending on a static IP address from a user during a session is not recommended for any kind of identification system on a website.
There may also be a case of session hijacking in which case the users session is hijacked by a cracker and used to access the legitimate user's account. In this case we may find the user to be "virtually" accessing the web content from two different IPs.
