New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
They're on ColoCrossing dedicated server
dedicated server? bummer :P
Yep, LEB/LET is hosted on a dedicated server. They used to be hosted on a Linode, however they had issues with them nullrouting them on small attacks and have since moved on to a dedicated server
The website has grown quite a lot and is also a target for many attacks so needs pretty good DDoS protection. I'm pretty sure many VPS hosts who have nodes wouldn't really like to have a target such as this on their nodes.
LowEndTalk is hosted by ColoCrossing in Woodland, California.
@Jack How so? It's geo-located there. Might be physically somewhere else though.
Then where is it... why say it's "off" and not actually say where you think it is?
GeoIP shows California, and on ColoCrossing's site lists their CA datacenter info:
55 S. Market Street
San Jose, CA 95113
http://www.colocrossing.com/datacenter/california/sj1
Some sort of CDN/LB in place...
From my main VPS-
traceroute to lowendtalk.com (108.162.195.161), 30 hops max, 40 byte packets 1 host.colocrossing.com (198.23.149.2) 0.026 ms 0.031 ms 0.015 ms 2 69.46.34.17 (69.46.34.17) 0.873 ms 0.864 ms 0.859 ms 3 xe-0-5-0-6-51.r05.sttlwa01.us.bb.gin.ntt.net (198.104.203.245) 1.593 ms 1.833 ms 1.831 ms 4 ae-3.r04.sttlwa01.us.bb.gin.ntt.net (129.250.5.50) 1.541 ms 1.811 ms 1.804 ms 5 xe-1-0-0.cr1.sea1.us.nlayer.net (63.141.219.4) 19.693 ms 19.691 ms 19.684 ms 6 as13335.xe-1-3-0.cr1.sea1.us.nlayer.net (63.141.219.26) 21.738 ms 21.738 ms 21.731 ms 7 108.162.195.161 (108.162.195.161) 19.953 ms 19.988 ms 19.966 ms
From my home connection-
pi@pluto ~ $ traceroute lowendbox.com traceroute to lowendbox.com (108.162.198.81), 30 hops max, 60 byte packets 1 10.1.1.1 (10.1.1.1) 0.729 ms 0.445 ms 0.558 ms 2 loopback1.wel20.perth.telstra.net (165.228.4.1) 14.636 ms 15.823 ms 17.352 ms 3 tengige0-8-0-2.wel-core3.perth.telstra.net (203.50.115.129) 21.349 ms 21.425 ms 24.786 ms 4 bundle-ether7.fli-core1.adelaide.telstra.net (203.50.11.18) 56.000 ms 55.883 ms 67.415 ms 5 bundle-ether9.win-core1.melbourne.telstra.net (203.50.11.91) 71.090 ms 70.973 ms 71.036 ms 6 bundle-ether12.ken-core4.sydney.telstra.net (203.50.11.12) 91.369 ms 70.800 ms 82.438 ms 7 tengigabitethernet7-1.ken45.sydney.telstra.net (203.50.20.64) 71.366 ms 70.440 ms 71.737 ms 8 pacnet2.lnk.telstra.net (139.130.94.34) 73.486 ms 73.186 ms 74.638 ms 9 te0-2-0-0.cr1.syd5.asianetcom.net (203.192.174.177) 76.736 ms 70.277 ms 71.444 ms 10 te0-0-0-0.cr2.syd5.asianetcom.net (203.192.174.166) 73.836 ms 77.850 ms 77.681 ms 11 gi3-1-3.gw1.syd2.asianetcom.net (203.192.174.162) 77.313 ms 71.278 ms 71.331 ms 12 CDF-0011.asianetcom.net (203.192.167.86) 112.442 ms 112.543 ms 72.742 ms 13 108.162.198.81 (108.162.198.81) 71.936 ms 73.436 ms 73.134 ms
Now from what I've gathered CDF-0011.asianetcom.net is related to CloudFlare, and this checks out with LEB's DNS..
QUESTIONS: lowendbox.com, type = AAAA, class = IN AUTHORITY RECORDS: -> lowendbox.com ttl = 1799 (29 mins 59 secs) primary name server = ken.ns.cloudflare.com responsible mail addr = dns.cloudflare.com
Is it hosted on one server only?
None of those IP's are LEB/T's though, this is why CloudFlare is in place.
Correct me if I'm wrong, but the original IP addresses of the sites is unknown, CF caches from the original server and serves the page from the nearest PoP, thus the IP's showing being the closest CF PoP.. is that not how CF is used, hence it not mattering if I posted the IP's?
Also, if someone wanted to attack, they'd be capable of doing a tracert.
Domaintools.com actually geolocates the IP in Australia
http://whois.domaintools.com/108.174.48.100
http://whois.domaintools.com/108.162.198.81 (First route, done via USA VPS)
http://whois.domaintools.com/108.162.195.161 (Second route, done via AUS VPS)
These are CloudFlare owned IP's and not LET/B's.
Looks like 108.174.48.100 is the original, where'd you get that from @gsrdgrdghd ?
Also, my UK box:
traceroute to lowendtalk.com (108.162.195.161), 30 hops max, 60 byte packets 1 uk1.redacted (redacted) 0.047 ms 0.015 ms 0.014 ms 2 h176-227-222-XXX.host.redstation.co.uk (176.227.222.XXX) 0.334 ms 0.357 ms 0.394 ms 3 ldn-b4-link.telia.net (80.239.160.177) 3.454 ms 3.445 ms 3.427 ms 4 cloudflare-ic-154357-ldn-b5.c.telia.net (80.239.161.246) 3.598 ms 3.599 ms 3.585 ms 5 108.162.195.161 (108.162.195.161) 3.514 ms 3.496 ms 3.645 ms
That's Cloudflare. To get the actual server IP you have to get around Cloudflare.
As far as I'm aware, yes.
Note how the IP he orginally posted is registered by ColoCrossing, not CF like the other two.
http://whois.domaintools.com/108.174.48.100
Interesting.