Home » website hack » HOW TO FIND REAL I.P. PROTECTED BY CLOUD FLARE?

Friday, November 9, 2012

HOW TO FIND REAL I.P. PROTECTED BY CLOUD FLARE?

Posted by Nirav Desai at 8:40 PM Labels: i.p address, website hack

All these methods are based on bad admin configurations, but still are quite common

If you want to find real I.P. address of website, which is hidden by CLOUDFLARE. It has came to my attention that many booters, hosts, malicious websites, and more use CloudFlare for DDoS Protection & Anti-Abuse Report Protection. With CloudFlare protection, it is difficult to get the hosts IP; therefore, it is difficult to send an abuse report or launch a (D)DoS attack. This simple guide will help you obtain any website protected by CloudFlare's real IP, which can be used for whatever you desire!

METHOD 1:-

If you simply ping the domain , it will give i.p. which is not website`s real i.p. address. you should try following option to get real I.P. address of domain.

ping direct-connect.domain.com

OR

ping direct.domain.com

OR
ping ftp.domain.com
OR

ping cpanel.domain.com

OR

ping mail.domain.com

METHOD 2 :-

For a Long Aged Domain you can use netcraft toolbar to check real ip

For Example

Code:

http://toolbar.netcraft.com/site_report?url=DOMAIN.COM

Clearly We can see change in IP to a cloudflare one.

METHOD 3 :-

You can try bruteforcing DNS , some subdomain will have real IP of website.

For this purpose you need NMAP tools.

Open your terminal with root privellege & type following code

# nmap -sV -sS -F <target>

it will scan host & give results , it`s not give real i.p. of website.(but from this you can know weather website is protected by CLOUDFLARE or not)

Now type following code in terminal

# nmap --script dns-brute -sn <target>

it will give you real I.P. of website. Hope you enjoy!

If you face any problem mention in comment.

Do you Like this Article?

Get Latest Updates For Free!
Your email address will not be shared with anyone

13 comments:

Tiago Rocha said...: nothing work for me in this site "desirekal.com"
please help me send me e-mail...; December 2, 2012 at 3:12 AM
Nirav Desai said...: Real i.p=91.205.40.12; December 2, 2012 at 10:56 AM
mehroze malik said...: This comment has been removed by the author.; January 22, 2013 at 3:23 AM
Nirav Desai said...: ajnabi.net is offline now, so i cannot find its Real i.p. :(@mehroze malik; January 22, 2013 at 11:59 AM
mehroze malik said...: & pklover.net??; January 26, 2013 at 1:51 AM
Nirav Desai said...: All these methods are based on bad admin configurations, if admin configuration is good ,then you can not find real i.p.@mehroze malik; January 30, 2013 at 6:56 PM
ibraim reci said...: i need real ip pawn-shop.cc
and dardania.de ?; March 5, 2013 at 10:17 PM
Nirav Desai said...: dardania.de=210.167.190.56@ibraim reci; March 9, 2013 at 12:13 PM
asilas gaidys said...: HI ALL! pleas haelp me! What is IP adress of site http://erosx.lt? It says 188.165.227.84, but i dont understand it down, but website is on.. it is changed IP in another one no 188.165.227.84.; March 9, 2013 at 10:58 PM
Nirav Desai said...: Ports are filtered, so it blocks your ping request.it allow only some specific i.p.@asilas gaidys; March 12, 2013 at 10:11 PM
hani hanii said...: how can i find real IP for this website "jr7e.com"; March 24, 2013 at 7:29 PM
Nirav Desai said...: reela i.p= 65.110.47.140@hani hanii; March 25, 2013 at 7:44 PM
e2113334 said...: I would love to get the real IP of the website pa-mdh.me, please.

Thank you so much!!!!; April 24, 2013 at 8:25 PM