You’re thinking about news.ycombinator.com, run on a single server from M5, which is not the same as ycombinator.com.

  > dig +short news.ycombinator.com
  209.216.230.207
  > ipinfo 209.216.230.207
  {
    "ip": "209.216.230.207",
    "hostname": "news.ycombinator.com",
    "city": "San Diego",
    "region": "California",
    "country": "US",
    "loc": "32.7157,-117.1647",
    "org": "AS21581 M5 Computer Security",
    "postal": "92101",
    "timezone": "America/Los_Angeles",
    "readme": "https://ipinfo.io/missingauth"
  }

It was moved to AWS temporarily the last time the servers failed: https://news.ycombinator.com/item?id=32031136

It's also possible to get a copy of HN from Cloudflare in addition to M5. I keep historical DNS data and can confirm there are Cloudlfare IPs that continue to work.

whois is returning AWS and I don't see any of the normal cloudfront headers, but I do see a server header of nginx. So it doesn't look like cloudflare to me, I'd guess they're just running some ec2 instances with nginx configured to give the exact behaviour they need (as I recall they return cached pages to non logged in users, which is why you can sometimes log out and get the page to load when they're having issues). I also see awsdns in their ns records, so it looks to be like they're just doing Geo-dns in route53 to route to the closest instance they're running.