How to Bypass Firewalls and Obtain the Real IP Address of a Website
Introduction
When you browse the internet, you usually access websites using their domain names. However, behind the scenes, websites route their domain names through Content Delivery Networks (CDNs) like Cloudflare to hide their IP addresses. This provides them with many features, including a web application firewall. But what if you need to discover a website’s real IP address? In this article, we will explore some techniques to do just that.
Why websites hide their IP addresses
Websites hide their IP addresses for a variety of reasons, including:
- Security: Hiding the IP address can make it harder for attackers to launch attacks against the website.
- Performance: CDNs can distribute website content to multiple servers around the world, improving website load times and reliability.
- Privacy: Website owners may not want to expose their IP addresses to competitors or the public.
However, sometimes you may need to know a website’s real IP address, for example, to debug issues or perform security testing.
Techniques to discover a website’s IP address
There are several techniques to discover a website’s real IP address. Some of the most common ones include:
- Ping: You can use the ping command to send a request to the website and get its IP address. However, this may only give you the IP address of the CDN and not the real IP address of the website.
- NSLookup: You can use the NSLookup command to look up a website’s IP address in the Domain Name System (DNS). Again, this may only give you the IP address of the CDN.
Finding the real IP address
Let’s look at an example of how to find the real IP address of a website. In this case, we will use streak.com as our example.
First, we can try pinging the website and doing an NSLookup. We get the following IP address: 104.26.8.186. However, we know that this is a Cloudflare IP address, as browsing to it shows us a Cloudflare page.
Method 1: Checking historical data on SecurityTrails
One way to find the real IP address of a website is to check its historical data on websites like SecurityTrails. By looking at the DNS records of the website, you may be able to find the IP address before it started using a CDN.
However, in the case of streak.com, we couldn’t find any historical data that gave us the real IP address.
Method 2: Using Censys to find the real IP address
Another way to find the real IP address of a website is to use Censys. Censys is a search engine that indexes internet devices and services, allowing you to search for information about websites.
By searching for streak.com on Censys, we were able to find several IP addresses associated with the website. After trying a few of them, we found the real IP address: 130.211.42.74.
Conclusion
In conclusion, while CDNs such as CloudFlare help to protect websites from cyber attacks, they also mask the IP address, making it challenging to identify the real IP address. However, using tools like SecurityTrails and Censys, we can bypass these firewalls and obtain the real IP address of a website, which can be useful in investigating cyber attacks or identifying the origin of suspicious traffic.
