Friday, March 21, 2014

Finding The IP Behind

oday im going to share with you how to find the real ip behind Cloudflare.
Please note that this wont work to 100% because most of the owners are very smart and change all kind of subdomains to redirect to Cloudflare.
So this is quite basic and easy to use i have used these tools all the time and havent spent time buying ebooks that says go to this resolver and enter site and you will get ip and baam!, Just No , It doesn't work that way.

1. Checking Dns Records & Ping

Lets go ahead and visit network-tools.com.

[Image: tDxMXjL.png] 
here you are going the enter the site adress in the box and press Go.

Here's a example:
Code:
IP address: 193.70.231.61
Host name: site.com
Alias: site.com
193.70.21.61 is from Costa Rica(CR) in region South and Central America

TraceRoute from Network-Tools.com to 193.70.231.61 [site.com]
Hop    (ms)    (ms)    (ms)      IP Address    Host name
1      0      0      63      206.13.64.46      -
2      0      1      0      173.29.246.92      173-219-246-92-link.sta.suddenlink.net
3      53      6      9      206.23.118.145      xe-0-0-3.edge01.dfw01.as13335.net
4      0      0      0      193.7.231.21      -
Trace complete

Retrieving DNS records for site.com...
DNS servers
dog.ns.cloudflare.com [173.25.59.110]
gail.ns.cloudflare.com [173.25.58.116]

Answer records
site.com      A    193.70.31.61    30s
site.com      A    190.93.53.61    30s
site.com      MX  
preference:    10
exchange:    direct-connect.site.com 30s
site.com      MX  
preference:    20
exchange:    ftp.site.com
30s
site.com      99    [47 bytes]    30s
site.com      TXT    v=spf1 a mx include:_spf.elasticemail.com ~all    300s
site.com      NS     dog.ns.cloudflare.com    86400s
site.com      NS     gail.ns.cloudflare.com    86400s
site.com      SOA  
server:    dog.ns.cloudflare.com
email:    dns@cloudflare.com
serial:    2014228352
refresh:    10000
retry:    2400
expire:    604800
minimum ttl:    3600

Now the point here is trying to get a subdomain so in this case we have one here:
Code:
exchange:    direct-connect.site.com 30s

Now let's ping it and see if we get a different ip adress then the one that was assigned to the site.

You can open up cmd and ping it there by using this command "ping yoursite.com" or just go to network-tools.com and press ping & enter the subdomain.
Code:
Sending Ping-Signal to direct-connect.site.com [216.146.73.2] with 32 byte data:
Reply From 216.146.73.2: byte=32 time=105ms TTL=241
Reply From 216.146.73.2: byte=32 time=104ms TTL=241
Reply From 216.146.73.2: byte=32 time=106ms TTL=241
Reply From 216.146.73.2: byte=32 time=105ms TTL=241

So now we got another IP
Code:
216.146.73.2
 Now lets reverse the IP by going to http://www.ip-adress.com/reverse_ip/
And enter the Ip we got earlier.

Code:
13 Hosts on this IP
Now we can see clearly that site.com is there and that means that we got the real Ip of the site.

2. Site History

This has always been useful you can check the ip that the site had earlier but it's not always succesful.
For me it works if the site is kinda old and has recently managed to change to Cloudflare.

Go to this link http://toolbar.netcraft.com/site_report?url=site.com and change site.com to your desired site.

Code:
Netblock owner    IP address    OS    Web server    Last seen Refresh
CloudFlare CDN network    141.101.21.13    Linux    cloudflare-nginx    24-Jan-2014
CloudFlare CDN network    176.53.6.45    Linux    cloudflare-nginx    24-Jan-2014
CloudFlare CDN network    176.53.6.45    unknown    cloudflare-nginx    24-Jan-2014
CloudFlare Latin America S.R.L San Jos    126.23.260.47    unknown    cloudflare-nginx     4-Jan-2014
CloudFlare Latin America S.R.L San Jos    126.3.260.47    Linux    cloudflare-nginx     4-Jan-2014
CloudFlare Latin America S.R.L San Jos    190.3.251.97    Linux    cloudflare-nginx     2-Jan-2014
CloudFlare Latin America S.R.L San Jos    126.2.260.47    Linux    cloudflare-nginx    29-Dec-2013
CloudFlare Latin America S.R.L San Jos    190.93.21.97    Linux    cloudflare-nginx    23-Dec-2013
CloudFlare Latin America S.R.L San Jos    126.23.20.47    Linux    cloudflare-nginx    18-Dec-2013

No comments:

Post a Comment

Google+ Followers

Contact Form

Name

Email *

Message *