We are aware that there is currently a partial network outage in our Los Angeles datacenter location impacting some routes relating to shared/reseller hosting servers.
Our network engineering team is currently looking into this further. We will have more information on this shortly.
UPDATE 9:24 AM Pacific:
We have identified the issue as a DDoS attack impacting the broader network. The DDoS attack is specifically targeting UDP. While all servers and core network connectivity are now online and operational, we are now investigating DNS resolution issues impacting some routes, as DNS relies on UDP.
Customers who utilize our nameservers may experience intermittent DNS availability or resolution delays. Our network engineering team is actively working with upstream providers to identify and resolve the issue as quickly as possible.
Further updates will be provided as more information becomes available.
UPDATE 10:23 AM Pacific: This is now resolved. We are closely monitoring the situation.
UPDATE 11:41 AM Pacific: To ensure a long-term and permanent resolution, we are coordinating with our upstream provider to transition our shared/reseller hosting IP ranges through a specialized DDoS mitigation service. While traffic is being re-routed and filtered upstream, some customers may observe intermittent connectivity or brief connection interruptions as routing converges. A detailed post-incident report (RFO) will be published once the incident has been fully resolved (once the dust settles). Thank you for your patience and understanding.
UPDATE 12:39 PM Pacific: Network conditions have stabilized as of now and things are looking good, but we're still awaiting confirmation from upstream that our IP ranges have been fully routed to the specialized DDoS mitigation service. Also, please note that as the DDoS protection systems further learn and adapt to legitimate traffic patterns versus malicious activity, some customers may still observe intermittent connectivity or brief disruptions in some cases.
If you utilize third-party uptime or monitoring services, one action we would recommend from your end at this time is to temporarily increase the check interval to 5–10 minutes. Very aggressive monitoring intervals (for example, every 30–60 seconds) may occasionally trigger rate-based protections or cause monitoring probe IPs to be flagged by mitigation systems, which can result in false-positive alerts.
No additional action is required from your end at this time. Our team continues to closely monitor the situation and work with our upstream providers to ensure long-term stability. We appreciate your continued patience and understanding as final adjustments are completed, and we will share additional updates again shortly.
UPDATE 5:04 PM Pacific: Network conditions have remained stable for the past 4+ hours and continue to look good. Our team is actively monitoring, and remains in close coordination with our upstream providers to ensure continued stability.
At this time, no further impact is expected. If there are any additional developments, this status incident will be updated accordingly. A full post-incident report (RFO) will also be published here in the coming days once all final confirmations are completed.
If you require any assistance in the meantime or have any questions, please feel free to open a support ticket and our team will be happy to assist. Thank you again for your patience and understanding.
Root Cause Analysis (RFO):
On January 21, 2026, at approximately 10:00 UTC, our monitoring systems and upstream providers detected elevated and abnormal traffic levels targeting the datacenter that our Los Angeles shared hosting network is hosted on. This resulted in unstable and intermittent connectivity for some customers, primarily related to DNS resolution.
Our investigation confirmed the event to be a large-scale distributed denial-of-service (DDoS) attack, characterized as a UDP amplification attack exceeding 20 billion packets per second. By approximately 11:00 UTC, our upstream network engineering teams were fully engaged and actively working with us to analyze and mitigate the attack.
Immediate custom mitigation rules were deployed to stabilize the network and maintain overall connectivity. As part of this effort, UDP port 53 (DNS) was temporarily blocked upstream to reduce the DDoS attack surface, and protect overall network stability. While all servers remained powered on and core network connectivity stayed online throughout the incident, this temporary mitigation action resulted in intermittent DNS resolution issues for customers who utilized nameservers hosted within our network.
Customers who utilized third-party DNS providers, such as Cloudflare or registrar-provided DNS services, were not impacted. Our team worked throughout the day to implement multiple workarounds and adjustments in an effort to restore DNS functionality as quickly as possible while maintaining overall network integrity.
At approximately 18:30 UTC on the same day, the attack was successfully contained in-house and the temporary UDP port 53 block was lifted. At that time, DNS resolution issues were fully resolved and service stability was restored.
Later that day, at approximately 21:00 UTC, we completed the introduction of specialized upstream DDoS mitigation services into our network and began routing our shared/reseller hosting server IP ranges through advanced traffic scrubbing and filtering infrastructure. This enhancement provides significantly increased capacity and capability to mitigate large-scale volumetric and amplification-based attacks and allows for proactive handling of future events of this nature.
Since the implementation of these additional protections, the network has remained stable and fully operational. At this time, we do not anticipate any further impact related to this incident. We appreciate our customers’ patience and understanding and remain committed to continued investment in our network to ensure long-term stability and resilience.
