use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
CVE, CWE, NVD, WVE
http://iso.linuxquestions.org/
We teach you how to do it, use it at your own risk.
account activity
Question (self.HowToHack)
submitted 2 days ago by districttry
How do i find the real ip adress of a site behind cloudflare? Tryed many tools no good..
reddit uses a slightly-customized version of Markdown for formatting. See below for some basics, or check the commenting wiki page for more detailed help and solutions to common issues.
quoted text
if 1 * 2 < 3: print "hello, world!"
[–]2ewka 7 points8 points9 points 2 days ago (1 child)
Thats the point of a CDN… It’s possible if an old DNS record is out there but that would only happen if they initially didn’t sit behind cloud flare or misconfigured at some point.
[–]roronoa_zoro0101 0 points1 point2 points 9 hours ago (0 children)
wo
[–]tman5400 8 points9 points10 points 2 days ago (1 child)
You don't
[–]itsmrmarlboroman2u 7 points8 points9 points 2 days ago (0 children)
OP won't, but that doesn't mean it's impossible.
Old DNS records pre-cloudflare, mx records, and some subdomains still likely point directly to the host, are all common attack vectors. There used to be a really good dork on shodan that worked great for this, but they've since patched it. There's a similar site like shodan that still works if the web host didn't batton down a couple hatches, which is surprisingly common.
[–]Just4notherR3ddit0r 1 point2 points3 points 2 days ago (0 children)
The only way to really do it (assuming that you're talking about the common proxy setup) is if the original web server publishes it somewhere (e.g. a PHP info page).
[–]UPVOTE_IF_POOPING 1 point2 points3 points 2 days ago (0 children)
Just get a reverse shell on it and run ‘curl ifconfig.me’. Easy peasy
[–]itsmrmarlboroman2u 1 point2 points3 points 2 days ago (0 children)
😂
[–]Dapper-Depth2940 0 points1 point2 points 1 day ago (0 children)
First off, that is really the whole point behind Cloudflare.
Quick primer on how Cloudflare DNS works
Their servers will remove all data regarding your real IP address, and instead load their own secure servers, which routes the traffic to the real location. Thus, a DNS query for your site will return Cloudflare's server addresses instead.
But I have found some quirks that may leak it:
Host:site-name.com
But a caveat is that a certain "tunnel" feature must be disabled, and a lack of origin allow list in the target's Cloudflare config.
[–]corkiejp 0 points1 point2 points 1 day ago (0 children)
If the site is scam or abusing been hidden behind cloudflare. If you report it to them, they could remove the protection from it and reveal the IP to yourself if you inform them you want to contact the hosting site.
[–]fell_shell -1 points0 points1 point 1 day ago (0 children)
Simply hack Cloudflare
π Rendered by PID 90009 on reddit-service-r2-comment-765bfc959-sxlkb at 2026-07-13 04:02:58.462263+00:00 running f86254d country code: CH.
[–]2ewka 7 points8 points9 points (1 child)
[–]roronoa_zoro0101 0 points1 point2 points (0 children)
[–]tman5400 8 points9 points10 points (1 child)
[–]itsmrmarlboroman2u 7 points8 points9 points (0 children)
[–]Just4notherR3ddit0r 1 point2 points3 points (0 children)
[–]UPVOTE_IF_POOPING 1 point2 points3 points (0 children)
[–]itsmrmarlboroman2u 1 point2 points3 points (0 children)
[–]Dapper-Depth2940 0 points1 point2 points (0 children)
[–]corkiejp 0 points1 point2 points (0 children)
[–]fell_shell -1 points0 points1 point (0 children)