Technical Support and Feedback - flyertalk site redirected?

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0_1 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A400 Safari/528.16)

I tried connecting to flyertalk and somehow got redirected to "dupedb.com" promoting rapidshare downloads.

I don't know if others have experienced this but I got this on three different systems so I'm posting this as a heads-up to the site administrators.

Wirelessly posted (Mozilla/5.0 (SymbianOS/9.2; U; Series60/3.1 NokiaE63-1/100.21.110; Profile/MIDP-2.0 Configuration/CLDC-1.1 ) AppleWebKit/413 (KHTML, like Gecko) Safari/413)

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0_1 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A400 Safari/528.16)

I tried connecting to flyertalk and somehow got redirected to "dupedb.com" promoting rapidshare downloads.

I don't know if others have experienced this but I got this on three different systems so I'm posting this as a heads-up to the site administrators.

I've been getting the same here in the UK. No problem earlier this morning, now can only access via mobile site. Faith and trust in Flyertalk site falling further :(

I tried connecting to flyertalk and somehow got redirected to "dupedb.com" promoting rapidshare downloads.

I don't know if others have experienced this but I got this on three different systems so I'm posting this as a heads-up to the site administrators.

Same here.

Same. Are the FT tech people capable of handling the recent problems? If not, and it appears they aren't, they need to find new people.

Same. Are the FT tech people capable of handling the recent problems? If not, and it appears they aren't, they need to find new people.

hacked again. sigh.

a quick google search of dupedb shows that their discussion board is also 'powered by' vbulletin. no idea if that means anything.

Same here in Germany,

using firefox.initially redirected to this file sharing site, now just white screen.
No problems with IE.

cheers

Same problem from Japan. Redirected to the same file-sharing site. Easy to block the redirect in Firefox, but still could not get to FT. Using IE I would just get an error message.

FT seems to be up and running again.
These hacks are quite annoying!

Wirelessly posted (BlackBerry8310/4.5.0.110 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/102)

Same here. Don't think it is the fault of the FT IT group as any dedicated attack will achieve the desired goal.

Indeed, I was also redirected this morning. Will there be some sort of after action report on the outage? If not, I assume it is up to us to take the initiative to change our FT passwords, etc, correct?

Wirelessly posted (BlackBerry8310/4.5.0.110 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/102)

Same here. Don't think it is the fault of the FT IT group as any dedicated attack will achieve the desired goal.

That may well be true, but FT without a doubt, seems to have far, far more problems than ANY website of any type that I visit.

It should be getting a bit embarrassing for the IT staff at this point...

Regards

That may well be true, but FT without a doubt, seems to have far, far more problems than ANY website of any type that I visit.

It should be getting a bit embarrassing for the IT staff at this point...

Regards

Agreed......Just hope members personal details can't be accessed as easily as the site seems to be hacked.

Wirelessly posted (BlackBerry8310/4.5.0.110 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/102)

Same here. Don't think it is the fault of the FT IT group as any dedicated attack will achieve the desired goal.

?????

How is FT (actually, IB) not responsible for the security of their systems? They are running a multi-million $ operation and need either to deal with things in-house or put some serious pressure on their vendors.

The single largest piece of the system (vBulletin) is actually owned by IB. It's their baby now and has been for a couple years.

Same. Are the FT tech people capable of handling the recent problems? If not, and it appears they aren't, they need to find new people.
What FT tech people? The same ones who routinely take 3+ weeks to answer a simple question here?

I never thought I'd say this, but the guys in Colorado Springs were far better, at least on what is customer-facing.

I got the same re-direct this morning- 9:30 a.m. EST. I checked

http://downforeveryoneorjustme.com/ (http://downforeveryoneorjustme.com/)

and it confirmed that FlyerTalk was down for others and not just me.

About 10:15 a.m. EST it came back a and the above URL reported it was up.

Me too. Sucks

Me too. Firefox was redirected IE just could not find page.

Hey Mods, what happened?

Me too, works now though...

I had the same problem earlier. Now that the site is back, though, every time I come over here, I get a pop-up from Kaspersky Security that says:

Application Firefox contains link to web page http://.../ads?client=ca-ib_travel_sede_1&output ...used to steal passwords, credit card numbers or other confidential information. Denied.

It still lets me read the threads though. At first I thought it was more of an issue with Firefox, yet when I go to any other website, I don't get that pop-up screen. Only here at Flyertalk.

We believe that the attackers found a vulnerably in a piece of software on the site. We became aware of the exploit last week and patched the software accordingly. Our security scan of the site did not uncover any additional problems, however someone had left a back door onto the server. We have located and removed the malicious scripts.

We are very sorry for the inconvenience today.

You mean for now. :rolleyes:

By the way, the recent technical, oh, what should we call them, SCREW-UPS are the reason I won't be subscribing to this site. At least until professionals are in charge. :td:

I had the same problem earlier. Now that the site is back, though, every time I come over here, I get a pop-up from Kaspersky Security that says:

Application Firefox contains link to web page http://.../ads?client=ca-ib_travel_sede_1&output ...used to steal passwords, credit card numbers or other confidential information. Denied.

It still lets me read the threads though. At first I thought it was more of an issue with Firefox, yet when I go to any other website, I don't get that pop-up screen. Only here at Flyertalk.

LoneStarMike, that doesn't sound good.
Does the alert popup still come up after IB's actions so far?

You mean for now. :rolleyes:

By the way, the recent technical, oh, what should we call them, SCREW-UPS are the reason I won't be subscribing to this site. At least until professionals are in charge. :td:

I'm confused. What do you mean by "subscribing to this site"? You have an account with FlyerTalk and you just made a post. Isn't that a subscription?

FT needs to get going on stuff...who will want to use a site that has secuirty threats. Thankfully, I use IE which blocked that and just kept the site inaccessible :)

If it's that site - report it to google so that their site get removed: http://www.google.com/safebrowsing/report_badware/

I'm confused. What do you mean by "subscribing to this site"? You have an account with FlyerTalk and you just made a post. Isn't that a subscription?

nope. there's a paid option which removes the ads (as does adblock for free, if you're using firefox) and gives you a larger mailbox.

We believe that the attackers found a vulnerably in a piece of software on the site. We became aware of the exploit last week and patched the software accordingly. Our security scan of the site did not uncover any additional problems, however someone had left a back door onto the server. We have located and removed the malicious scripts.

We are very sorry for the inconvenience today.

So, your server was compromised and there is no statement issued by you stating that we should change our passwords?

Very unsecure.

I'm outta here.

You mean for now. :rolleyes:

By the way, the recent technical, oh, what should we call them, SCREW-UPS are the reason I won't be subscribing to this site. At least until professionals are in charge. :td:

One of the reasons I let my subscription lapse.

nope. there's a paid option which removes the ads (as does adblock for free, if you're using firefox) and gives you a larger mailbox.

Got it. Thanks :D

One of the reasons I let my subscription lapse.

I will not provide this site with any critical information until their IT reputation revives itself. IT security is way too important, how can this possibly happen...we got hacked, fixed it, then got hacked bc we actually didnt fix all the servers? Security please!

We believe that the attackers found a vulnerably in a piece of software on the site. We became aware of the exploit last week and patched the software accordingly. Our security scan of the site did not uncover any additional problems, however someone had left a back door onto the server. We have located and removed the malicious scripts.

We are very sorry for the inconvenience today.

I for one thank you and the others that administer FT. I'll suppress my opinions about the posts (and posters) who threaten leaving.

nope. there's a paid option which removes the ads (as does adblock for free, if you're using firefox) and gives you a larger mailbox.
I'm not clear on it, but the IF subscription fees may very well be going to the HOM in COS instead of to IB.

People vowing not to subscribe may be protesting against the wrong party...

I for one thank you and the others that administer FT. I'll suppress my opinions about the posts (and posters) who threaten leaving.

It is a business and if the firm, FT, could be making more economic profit elsewhere, the firm would dissolve and reallocate its resources in a different market. Thus, I am thankful for such a service, but keep it mind, this is not ran out of some poor person's house who has overloaded their electric circuit for us :) It's a business and they need to respond to customers.

I'd suggest that IB get some junior high coders on their staff. so they can flesh out these problems a bit quicker. ;)

So, your server was compromised and there is no statement issued by you stating that we should change our passwords?

Very unsecure.

I'm outta here.

The compromise was with the application and they had no access at any time to the database. However, for a second let's say that they did. Your password is saved as an md5 hash with a salt added to it. We don't actually ever save your password. When you type in your password, your specific salt is added to it and it's hashed. The resulting hash is compared to the hash stored in the database. If they match, then it lets you in.

MD5 is a one way hash. This means that you can't take a hash and figure out what the original string was. While there are md5 lookup databases that try to catalog all possible hashes, the fact that we salt the password first makes them completely unusable.

This is why if you forget your password here that you can only get instructions to reset it. We can't ever send you your password because we don't know what it is. If a website will email you your password when you forget it, that means that they store your password directly. That's a bad thing.

We didn't warn anyone that they should change their passwords because there is absolutely no way that someone stole your passwords.

I for one thank you and the others that administer FT. I'll suppress my opinions about the posts (and posters) who threaten leaving.

Thanks!

Let me join with others in saying thanks to our hard working IT gurus.

Bigger sites have been hacked including sensitive government sites. The test of IT is how fast they can get things back together. Where we addicts look for instant gratification, you did well guys.

LoneStarMike, that doesn't sound good.
Does the alert popup still come up after IB's actions so far?

No. Once I shut down and then powered up again, the popup was gone.

The compromise was with the application and they had no access at any time to the database. However, for a second let's say that they did. Your password is saved as an md5 hash with a salt added to it. We don't actually ever save your password. When you type in your password, your specific salt is added to it and it's hashed. The resulting hash is compared to the hash stored in the database. If they match, then it lets you in.

MD5 is a one way hash. This means that you can't take a hash and figure out what the original string was. While there are md5 lookup databases that try to catalog all possible hashes, the fact that we salt the password first makes them completely unusable.


While what you write above about MD5 is true, but it does not address the problem of password security on a compromised site.

1.) MD5 is outdated and deprecated, as successful attacks on MD5 have been demonstrated more than 4 years ago. Look this up in any recent book on computer security - or just go to wikipedia. I quote: "On 18 March 2006, [Vlastimil] Klima published an algorithm that can find a collision within one minute on a single notebook computer, using a method he calls tunneling."

How anybody can still use MD5 in critical applications is beyond me. You should switch to SHA. For SHA-1, only theoretical attacks exist, for SHA-2 no known attacks exist.

2.) Salting offers only minimal protection against weak passwords. Everybody with a short password (less than eight characters) should be aware that a brute force attack will uncover it in a few hours (total time for yours and any other similar weak password in the system). Since it is a brute force attack, even a password like "gHj87Q" offers no protection. Also, dictionary attacks can be quite successful - how many of you have a common English word or name as a password? Those take minutes.

3.) A system that has been compromised as far as having backdoors installed, should never be considered safe until reinstalled or restored from a known good backup. Evidence that "they never accessed the database" may be false, since the backdoor application could as well have scrubbed the log files to hide its tracks - very common, btw.

And yes, I do system security for a living.

Everybody with a short password (less than eight characters) should be aware that a brute force attack will uncover it in a few hours (total time for yours and any other similar weak password in the system). Since it is a brute force attack, even a password like "gHj87Q" offers no protection. Also, dictionary attacks can be quite successful - how many of you have a common English word or name as a password? Those take minutes.

Thanks for the reminder.

I thought my passwords were fairly complex but you convinced me to rethink that.

I just added very complex passwords for the log-ins at my financial institutions, hotel and airline mileage/point programs and other websites where someone who cracked the password could drain my account.

I'm sure my passwords could still be hacked but they're going to have to work one hell of a lot longer to do so.

MD5 with SALT is useless, it is NOT a one way hash and can easily be defeated, as it has on other vB powered sites of major size, if you want details, ASK. I am a member of another site that had similar things happen(not an Internet Brands owned site), they tried to cover it up as well. In the end they ate some humble pie, told the real facts, and secured their systems and firewalls again from the start with more security in mind. In addition they use a proxyshield at times when DDOS attacks and brute force attempts happen that aid in loading the site for the legit users.

The hackers responded by posting DB dumps of email addresses, passwords, and other sensitive info on rapidshare and other sites, not once but THREE times over two weeks. (updated to latest passwords and info each time)

They too had MD5 with salt, but it is outdated and not a secure means anymore. You are giving a false sense of security in this reply.

Everybody with a short password (less than eight characters) should be aware that a brute force attack will uncover it in a few hours (total time for yours and any other similar weak password in the system). Since it is a brute force attack, even a password like "gHj87Q" offers no protection. Also, dictionary attacks can be quite successful - how many of you have a common English word or name as a password? Those take minutes.

I’ve never used words or phrases, just a series of random letters and numbers for website passwords. This may sound like a pain to manage, but there are a number of utilities that can organize passwords securely. I’ve been using PasswordsPlus (http://www.dataviz.com/products/passwordsplus/) for several years now, but there are some free ones out there as well, such as a plugin for Firefox I believe.

I’ve never used words or phrases, just a series of random letters and numbers for website passwords. This may sound like a pain to manage, but there are a number of utilities that can organize passwords securely. I’ve been using PasswordsPlus (http://www.dataviz.com/products/passwordsplus/) for several years now, but there are some free ones out there as well, such as a plugin for Firefox I believe.

Keepass is among the best, and has a random password generator with a degree of difficulty meter too (in bits)

I’ve never used words or phrases, just a series of random letters and numbers for website passwords. This may sound like a pain to manage, but there are a number of utilities that can organize passwords securely. I’ve been using PasswordsPlus (http://www.dataviz.com/products/passwordsplus/) for several years now, but there are some free ones out there as well, such as a plugin for Firefox I believe.

Very safe, as long as the length of the password is sufficient. The bare minimum should be 8 characters, 10 characters is a lot better.

MD5 with SALT is useless, it is NOT a one way hash and can easily be defeated

I know I may be nitpicking here. MD5 is a oneway hash algorithm in the way that it is not possible to reconstruct the original message (ie. password) from the hash value.

But, as I pointed out earlier, that is not necessary for a successful attack. Once the password-file (which has salted hash values, not cleartext) is obtained, using brute force will turn up every password of 6 characters or less in a few hours. Dictionary attacks will reveal most passwords that are common names or everyday words.

MD5 specific attacks will compromise many secure passwords by finding a different message that, when salted, will generate the same hash as the unknown password - thus potentially compromising all/most passwords.


as it has on other vB powered sites of major size, if you want details, ASK. I am a member of another site that had similar things happen(not an Internet Brands owned site), they tried to cover it up as well. In the end they ate some humble pie, told the real facts, and secured their systems and firewalls again from the start with more security in mind. In addition they use a proxyshield at times when DDOS attacks and brute force attempts happen that aid in loading the site for the legit users.

The hackers responded by posting DB dumps of email addresses, passwords, and other sensitive info on rapidshare and other sites, not once but THREE times over two weeks. (updated to latest passwords and info each time)


That would indicate to me that more is wrong than just the salted password hashes being compromised once. It would indicate a system that is still compromised. If malicious code of some kind "listens" in to new passwords as they are entered, all salting and hashing is futile.

Also, vulnerabilities might exist in the vB software that promote security breaches - but that is just idle speculation, as I don't know the software.


They too had MD5 with salt, but it is outdated and not a secure means anymore. You are giving a false sense of security in this reply.

Yes, as I pointed out as well. Too many corporations still lack a capable security administrator. Pointing out security of their system by quoting MD5 shows a lack of understanding, unfortunately.

Sigh. IB. So worthless.

3.) A system that has been compromised as far as having backdoors installed, should never be considered safe until reinstalled or restored from a known good backup. Evidence that "they never accessed the database" may be false, since the backdoor application could as well have scrubbed the log files to hide its tracks - very common, btw.

And yes, I do system security for a living.

We understand the flaws in md5 hashes, however everyone I've personally discussed this with has verified that the vBulletin hashing method is sufficiently secure.

While we haven't restored the files from backup, hourly snapshots were diff'ed and we have ensured that the system is secure. This was a script kiddie script that exploited a vulnerability right after it was announced and before we had an attempt to patch.

We understand the flaws in md5 hashes, however everyone I've personally discussed this with has verified that the vBulletin hashing method is sufficiently secure.

If it uses MD5, it must be considered broken. This has nothing to do with vB, it is the algorithm that is at fault.


While we haven't restored the files from backup, hourly snapshots were diff'ed and we have ensured that the system is secure. This was a script kiddie script that exploited a vulnerability right after it was announced and before we had an attempt to patch.

Good to learn that you verified the system's integrity to be uncompromised (which the check against the backups did). ^

I assume that you did additional checks to verify the confidentiality of the password data?

MD5 is so secure :rolleyes:
http://milw0rm.com/cracker/insert.php

http://www.hashchecker.com/

sure salt adds a minor bit of complexity, but a little computer 'pepper' and it fades away.

these sites are HARDLY an effective way, just an example.
This is especially true if someone had a level of server access at any point.

If it uses MD5, it must be considered broken. This has nothing to do with vB, it is the algorithm that is at fault.



Good to learn that you verified the system's integrity to be uncompromised (which the check against the backups did). ^

I assume that you did additional checks to verify the confidentiality of the password data?

Of course. As I said before, there is no way that password data was compromised.

Let me join with others in saying thanks to our hard working IT gurus.

Bigger sites have been hacked including sensitive government sites. The test of IT is how fast they can get things back together. Where we addicts look for instant gratification, you did well guys.

While I would like to say thanks, right now I am at the point of throwing my hands in the air. For SOME unknown reason to me, I am at 50% functionality on FT and have been since the FIRST attack (on 13 Nov I believe). I cant search, I cant PM or reply to PMs, I struggle to quote anyone's threads and doing a simple post on this thread so far has taken me 3 tries and 10 minutes. I keep getting redirected to the Internet Explorer page.....IE cannot display this webpage! So I am feeling much less thankful :td:.

My messages sent to FT HELP have gone unanswered :(. I wont even start about how the FT Chat room has been broken for me and others for nearly 2 weeks since the first attack :td:.

I have a trade thread in CC which I cant access/search to bump. It sure is a BUZZ KILL :(

Luckily Twitter has been keeping me mildly amused, but how much longer until FT IT gets these issues under control?????

I am in the camp of feeling relieved that I DIDNT subscribe and PAY money for this. Sorry but for me, its just gone on way TOO long.

We have been working around the clock to combat this ongoing cyber attack. While service has not yet been restored to normal, progress is being made. The site is most dramatically effected by those overseas in Asia, Australia, and NZ.

We once again apologize for the inconvenience.

We have been working around the clock to combat this ongoing cyber attack. While service has not yet been restored to normal, progress is being made. The site is most dramatically effected by those overseas in Asia, Australia, and NZ.

We once again apologize for the inconvenience.

Thank you for replying and letting us know of the situation ^.

What has made Asia, Australia and NZ be more dramatically effected?

P.S I only got redirected twice before being able to post this post :D.

Thank you for replying and letting us know of the situation ^.

What has made Asia, Australia and NZ be more dramatically effected?

P.S I only got redirected twice before being able to post this post :D.

One part of the cyber attack was mostly coming from that area, I believe. I'm not sure though.

IB-Dick - thank you for responding.

Could you or your colleagues PLEASE help me ? I am STILL getting REDIRECT to Internet explorer issues each time I try to post and I am still LOCKED out of FT Chat and getting that java exception error :(.

This is really starting to drag on (since 13 November for me) and frankly I have just stopped hanging out here on FT daily. All my friends can now get back into CHAT, but I cant :td:.

What is going on?

:(

IB-Dick - thank you for responding.

Could you or your colleagues PLEASE help me ? I am STILL getting REDIRECT to Internet explorer issues each time I try to post and I am still LOCKED out of FT Chat and getting that java exception error :(.

This is really starting to drag on (since 13 November for me) and frankly I have just stopped hanging out here on FT daily. All my friends can now get back into CHAT, but I cant :td:.

What is going on?

:(

I guess it is impossible to tell what is happening on your machine, but have you considered a local problem, like a malware infection of your system? Things you might try if you have just a little computer knowledge - or some friend who has:

try to install an alternative browser and see if the problem persists:

www.opera.com
www.firefox.com

Both browsers are "one click" downloads and a second click to install. If these browsers run fine, make sure to do a full malware check of your computer with a good up to date Antivirus product. Kaspersky would be a good choice and runs for free for at least 30 days.

If the problem persists, go to www.sun.com and download the current Java package. Do a re-install.

If the problem still persists, try the following:

www.knoppix.org

At that site, you can download a "Live Linux" DVD image, which needs to be burned to a DVD, of course. Your computer must be able to boot from a DVD. Boot Knoppix, which will take you all the way to a running, graphical desktop with many applications, including Firefox. If this brings back your flyertalk completely, your Windows installation is infected by something. Knoppix includes tools to eradicate Windows malware, but you should only try this with at least mid-level computer knowledge.

The reason I recommend the Live Session DVD/CD approach is that this is the only way to make sure that you boot a clean, infection-free system.

For starters, eveything that colonius has said is right on. I'd first start off by trying a different browser. That can really help diagnose problems.

IB-Dick - thank you for responding.

Could you or your colleagues PLEASE help me ? I am STILL getting REDIRECT to Internet explorer issues each time I try to post and I am still LOCKED out of FT Chat and getting that java exception error :(.

This is really starting to drag on (since 13 November for me) and frankly I have just stopped hanging out here on FT daily. All my friends can now get back into CHAT, but I cant :td:.

What is going on?

:(

FT chat is broken for almost everybody, and we're working on getting that sorted out asap.

If you continue to have problems, can you possible paste a traceroute in here? To do this, please follow these instructions:
1.) Got to Start > Run...
2.) Type in "cmd" (no quotes) and hit OK.
3.) On the line, type in "tracert www.flyertalk.com" (no quotes) and hit enter.
4.) Copy the output and paste it in here.

There is a more detailed explaination on running a traceroute here: http://support.verio.com/documents/view_article.cfm?doc_id=3743 but instead of pasting that into notepad, you can just paste it into a reply window.

For starters, eveything that colonius has said is right on. I'd first start off by trying a different browser. That can really help diagnose problems.



FT chat is broken for almost everybody, and we're working on getting that sorted out asap.

If you continue to have problems, can you possible paste a traceroute in here? To do this, please follow these instructions:
1.) Got to Start > Run...
2.) Type in "cmd" (no quotes) and hit OK.
3.) On the line, type in "tracert www.flyertalk.com" (no quotes) and hit enter.
4.) Copy the output and paste it in here.

There is a more detailed explaination on running a traceroute here: http://support.verio.com/documents/view_article.cfm?doc_id=3743 but instead of pasting that into notepad, you can just paste it into a reply window.how would that equate to those of us using a mac? ;)

how would that equate to those of us using a mac? ;)

Since Mac OS is based on BSD Unix, it will have a traceroute utility somewhere. (Windows is the only OS that names it differently). Since I am not intimate with Mac OS: Google is your friend. ;)

Since Mac OS is based on BSD Unix, it will have a traceroute utility somewhere. (Windows is the only OS that names it differently). Since I am not intimate with Mac OS: Google is your friend. ;)

Applications>Utilities>Terminal

At the prompt ([yourname]$), type (without quotes) "traceroute www.flyertalk.com" and hit return. It'll look something like this:

Last login: Sun Dec 6 22:03:04 on ttys000
xx-xx-178-69:~ jackal$ traceroute www.flyertalk.com
traceroute to flyertalk.com (67.201.16.68), 64 hops max, 40 byte packets
1 * * *
2 81-188-165-209 (209.165.188.81) 7.023 ms 10.632 ms 5.774 ms
3 32-128-165-209 (209.165.128.32) 8.107 ms 16.984 ms 25.133 ms
4 52-129-165-209 (209.165.129.52) 46.111 ms 37.644 ms 43.164 ms
5 217-129-165-209 (209.165.129.217) 47.766 ms 49.909 ms 38.661 ms
6 ge1-0.cr01.sea01.mzima.net (206.81.80.44) 43.749 ms 43.741 ms 53.306 ms
7 te2-0.cr02.sjc02.us.mzima.net (69.174.120.81) 60.199 ms 53.506 ms 53.296 ms
8 te0-1.cr01.lax02.us.mzima.net (69.174.120.85) 73.087 ms 60.371 ms 68.887 ms
9 xe1-0.cr01.lax01.mzima.net (64.235.224.181) 69.084 ms 67.269 ms 73.567 ms
10 xe0-0.cr01.lax06.us.mzima.net (216.193.255.98) 87.500 ms 73.503 ms 68.107 ms
11 67.201.17.150 (67.201.17.150) 68.489 ms 65.303 ms 60.852 ms
12 flyertalk.com (67.201.16.68) 70.547 ms 61.350 ms 61.976 ms
13 * * *
14 * * *
15 * flyertalk.com (67.201.16.68) 61.114 ms !H 60.864 ms !H
xx-xx-178-69:~ jackal$

Applications>Utilities>Terminal

At the prompt ([yourname]$), type (without quotes) "traceroute www.flyertalk.com" and hit return. It'll look something like this:

Last login: Sun Dec 6 22:03:04 on ttys000
xx-xx-178-69:~ jackal$ traceroute www.flyertalk.com
traceroute to flyertalk.com (67.201.16.68), 64 hops max, 40 byte packets
1 * * *
2 81-188-165-209 (209.165.188.81) 7.023 ms 10.632 ms 5.774 ms
3 32-128-165-209 (209.165.128.32) 8.107 ms 16.984 ms 25.133 ms
4 52-129-165-209 (209.165.129.52) 46.111 ms 37.644 ms 43.164 ms
5 217-129-165-209 (209.165.129.217) 47.766 ms 49.909 ms 38.661 ms
6 ge1-0.cr01.sea01.mzima.net (206.81.80.44) 43.749 ms 43.741 ms 53.306 ms
7 te2-0.cr02.sjc02.us.mzima.net (69.174.120.81) 60.199 ms 53.506 ms 53.296 ms
8 te0-1.cr01.lax02.us.mzima.net (69.174.120.85) 73.087 ms 60.371 ms 68.887 ms
9 xe1-0.cr01.lax01.mzima.net (64.235.224.181) 69.084 ms 67.269 ms 73.567 ms
10 xe0-0.cr01.lax06.us.mzima.net (216.193.255.98) 87.500 ms 73.503 ms 68.107 ms
11 67.201.17.150 (67.201.17.150) 68.489 ms 65.303 ms 60.852 ms
12 flyertalk.com (67.201.16.68) 70.547 ms 61.350 ms 61.976 ms
13 * * *
14 * * *
15 * flyertalk.com (67.201.16.68) 61.114 ms !H 60.864 ms !H
xx-xx-178-69:~ jackal$
thank you ^

thank you ^

Yeah, Thank you! There is also a network tool in the Utilities folder that has a feature in there specifically for doing traceroutes. The Terminal is way easier though.