If you had visited a few hours earlier it would have been direct. Then the hug of death hit.

If you want to visit the page directly without CloudFlare, go to http://trombone.zapto.org instead.

I love watching the text load in discrete chunks!

Gave me a flashback to bbs days!

Still decent, considering.

I don't have that. My response headers:

    HTTP/1.1 200 OK
    Server: mTCP HTTPServ Mar  7 2020
    Date: Sun, 17 Apr 2022 00:30:00 GMT
    Content-Type: text/html
    Content-Length: 5355
    Expires: Fri, 14 Oct 2022 00:30:00 GMT
    Last-Modified: Sun, 17 Apr 2022 00:02:00 GMT
    Connection: keep-alive

The page loads very interestingly. Each paragraph loads separately, one at a time down the page. I'm guessing because of the bandwidth limitation.

I don’t know too much about how CloudFlare works, but it looks like you got a direct connection! Congratulations! My guess is that your DNS does not have the CloudFlare entries yet.

Same for me from Slovenia's T-2 dnslj1.t-2.net. I see that remainimg TTL is only 41 seconds, so it'll not be like that when I post this message.

Really neat, especially the slow loading. When I saw cloudflare on the page, I thought it was faked with javascript, but it was real!

Interesting how chromium will start rendering no matter how little information does it have (:

Yeah, I find the slow loading really fun. Unfortunately, when I install the Ethernet card I imagine it will get a fair bit faster. But on the bright side, I think it will reduce the need for CloudFlare, which helps in terms of authenticity.

I find it interesting how little computer power you need to host a highly accessed website by using CloudFlare. When 386's were the cutting edge it would have taken a car load of computers plus some fancy cutting edge load balancing software. All very expensive.

You could put that entire web page in a Worker probably and not even bother with an origin (or use CF pages).

Disclaimer: I work on R2

The 386 was far from cutting edge by the time Al G^H^H^H^H Tim Berners-Lee got around to inventing the Inter^H^H^H^H^H World Wide Web.

The web was invented in 1989, the same year the 80486 hit the market. So the 80386 wasn't that far from the cutting edge.

I am disappointed too, I wanted my request to be served from that machine :/

If you come back tomorrow, I can probably turn CloudFlare off. Although I understand not being enthusiastic enough about my novelty website to bother.

Please for the love of kittens turn off Cloudflare and never put it on again. For me and other Tor users that awful service is a guaranteed way of ensuring we'll never see your site (which I am very interested in BTW).

Yeah, sorry about that. I am planning on finding a way to keep things interesting and authentic with the hosting, but also accessible to everyone.

In the meantime, if you want to visit the page directly without CloudFlare, go to http://trombone.zapto.org instead.

I use a text based browser from my editor and that loads as close to instantly as you'd ever hope for! A VIC-20 version sounds even more awesome.

If you care about privacy, using a text based browser from an editor is a terrible idea for many reasons, lol.

Sounds interesting. Do share. What's your threat model?

Assuming emacs, attacking major mode detection, or triggering lisp execution.

Edit: but also identifying heuristics like lack of JS execution, or potentially client specific http client behaviour

Turning cloudflare off has DoS implications for a sanely hosted side, let alone a 386. You turning off tor when required would be a better option.

I hope you don’t regularly make such selfish requests to potential DoS victims due to your own arrogance / ignorance.

I’m dumb enough to do it anyway. ;)

Extra points for being able to insult both the OP and myself in one sentence. If you've nothing constructive to add how about you leave us insane, ignorant and arrogant grown-ups in peace to work out our own stuff?

I don’t think I insulted op? You’re not a grown up, you’re a self entitled privacy weeb.

Are there any tricks a user can do to bypass Cloudflare or force a cache invalidation?

That would entirely defeat the purpose of cloudflare's DDoS protections.

Yeah, I imagine it would. I can invalidate the cache myself, but it would not make sense for a user to do so.

generally, adding random query params like ?1, ?2, ?12345 helps with the default settings of including that in the cache key.

that will also work in this instance.

you won't however see it slowly send the response as you do on http://trombone.zapto.org/, as cloudflare seems to block until it received the full response from the backend.

You're not wrong, but all of that behavior is configurable so may work on some sites and not others. The account owner can tell cloudflare whether to consider query params different or the same for cache hit puproses. You can also configure whether cloudflare streams/buffers (although some of it does require the enterprise plan).

No affiliation with cloudflare other than I use them for several sites.

indeed, hence

> helps with the default settings of including that in the cache key

I didn't know about response streaming being configurable, it seems to be enabled by default and configurable for enterprise customers: https://support.cloudflare.com/hc/en-us/articles/206049798-S...

I assume due to the (relatively) small response size of this page it buffers regardless.

If you want to visit the page directly without CloudFlare, go to http://trombone.zapto.org instead.

Nice! Thanks for serving me. It was snappier than expected.

Somehow getting the IP address of the server (in this case 174...*) would enable you to connect directly. Websites, such as crimeflare.org crawled the net to gather those addresses, probably by scanning, but the mentioned site was shut down as it seems.

A site that really wants Cloudflare's protection would ignore all traffic that doesn't come from Cloudflare though. In practice, many origins probably aren't locked down in this fashion.