dumb question from little skid about ddos

[HansoN]

I need to attack a website with lots of balancers and good ddos protection, the site literally consists of text, so methods like browser will fail, and bypass methods fails due to the presence of balancers.

The only vulnerability I see in the availability of IP of their datacenter (hosting) and after some minor manipulations, I got a list of sites on this IP.

1. Does it make sense to attack this IP? What methods are needed?

2. Does it make sense to attack sites located on this IP by L7?

3. Are there any other methods of attack?

 

[vei]

shared web hosting will have same ip for multiple sites, just jailed instances for each. nothing special there. it all depends on what OS, webhost, update versions of those, ports open, etc. too vague to give one answer. maybe slowloris, but too little detail in your question to know for sure

 

[HansoN]

shared web hosting will have same ip for multiple sites, just jailed instances for each. nothing special there. it all depends on what OS, webhost, update versions of those, ports open, etc. too vague to give one answer. maybe slowloris, but too little detail in your question to know for sure

185.68.16.51 - Censys

Summary of 185.68.16.51

search.censys.io

cant L4, opened 80 and 443 returns forbidden

 

[c0d3x]

185.68.16.51 - Censys

Summary of 185.68.16.51

search.censys.io

cant L4, opened 80 and 443 returns forbidden

Amplification, TCP/UDP spoofing for this ISP useless. If we speak about L4 then this IP can be downed by biggest L4 botnet only.
If we speak about L7 - you can try L7 with header "Host". Example:

GET https://185.68.16.51/index.php HTTP/1.1
Host: target.com

In this case (when you attacking their real IP with header "Host") your traffic delivered directly to the target bypassing CDN or some protection. Before trying this, first try to make such a request manually using any request builder.