3 Ways to Uncover Origin IP Address Behind Cloudflare

3 Ways to Uncover Origin IP Address Behind Cloudflare | Website OSINT

Рет қаралды 20,328

Күн бұрын

In this video, we will look at 3 ways to find the origin IP address of a website using Cloudflare:
1. Viewing historical DNS records with SecurityTrails
2. Looking up hosts sharing the same website certificate with Censys
3. Using Shodan to search for websites using the same favicon
Please like, comment, and subscribe! Thank you for watching!

Пікірлер: 33

@NormanPashley Жыл бұрын

Hey Christian! Great content, helped in understanding the true dynamics behind the scene. Also, would need your help with few things. Where I can write you to regarding that?

@akroidofficial 2 ай бұрын

that favicon was goddamn man thanks!

@freepalestine_stop_genocide 5 ай бұрын

HOOOOOLY shittttt. This actually worked. I did not think it might be possible, but man, just wanna thank you from the bottom of my heart.

@christianmurray1809 5 ай бұрын

I’m glad to hear the video was helpful! Which way worked for you?

@freepalestine_stop_genocide 5 ай бұрын

@@christianmurray1809 Censys, as well as the shodan. I tried 2 cloudflare websites I am currently working with, one of them returned the origin ip, thanks to you. This information is so valuable to me. Anyway I can donate you for this? Thanks again man.

@jamessylvester3437 2 жыл бұрын

Good video. Thank you, sir.

@christianmurray1809 2 жыл бұрын

Thank you for watching and leaving a comment! Please let me know if you have any suggestions for future videos!

@user-hy5hw7fo9w 2 жыл бұрын

Nice video~~ good luck to you✨👍🏻

@christianmurray1809 2 жыл бұрын

고마워요 송이~~ 😀

@EnglishLaw 2 жыл бұрын

What I do is search the domain for the MX record, and then search the MX record. 8 times of out 10 the email server is the web server and so Voilà

@christianmurray1809 2 жыл бұрын

Nice! DNS records are definitely a treasure trove when it comes to investigating websites! Thanks for watching and leaving a comment.

@answer4274 2 жыл бұрын

Nice video. I enjoyed watching..

@christianmurray1809 2 жыл бұрын

I’m glad to hear that! Thank you for watching and commenting!

@kasta851984 3 ай бұрын

Hey great video❤ I currently investigate an IP which is behind Cloudflare but it's scanning my AWS instance so it's not a Web traffic. Is there a way to find who is behind this Ip 🤔🧐

@christianmurray1809 3 ай бұрын

Hey! There’s quite a few different ways to find the origin IP address. What do you mean by “it’s scanning my AWS instance”? What is scanning your AWS instance?

@kasta851984 3 ай бұрын

@@christianmurray1809 Thank you for your reply. I am using AWS GuardDuty service and I got an alert for port 22 being probed. So the traffic is not a web traffic. The IP is behind Cloudflare.

@vespeneprotoss4346 Жыл бұрын

You mentioned that you look at historical A organizations to send subpoenas to. Just out of curiosity, does Cloudflare not respond to subpoenas or something? Why not just send it to them?

@christianmurray1809 Жыл бұрын

That’s a good question! I prepare reports for a legal team, and the more opportunities to take action against a target, the better! Additionally, some tech companies respond more quickly than others, so it can be more efficient to know the entire landscape of a target’s infrastructure (e.g., Cloudflare may take 3 weeks to act upon a legal request whereas X may take 1 week). To answer your question, Cloudflare does respond to any kind of legal request quite well.

@TheMessanger Жыл бұрын

@@christianmurray1809 your good but looking for the topology or diagram of the server I got some tools but someone share the diagram image and it was awesome I know solarwinds have it but that's a paid service

@shaolin60 Жыл бұрын

thx

@trulyinformationnuskhe-7782 Жыл бұрын

My problem can't find ip address website in cloudflare. My domain in godady but hosting in profreepost .

@trulyinformationnuskhe-7782 Жыл бұрын

Sir, picture quality not very clear in mobile watching can't see a word

@maxl2081 Жыл бұрын

is any paid service to get real ip behind clouflare?

@christianmurray1809 Жыл бұрын

There used to be a site called crimeflare that could find origin IP addresses protected by Cloudflare, but it’s no longer operating. It’s a cat-and-mouse game finding alternatives to crimeflare, and the alternatives probably don’t work as well as crimeflare did. I don’t know of any other services, paid or free.

@ejonesss 2 жыл бұрын

well you could make your video at work and then do a lot of blurring to block out things in the background or find another job that does not take your time away.

@christianmurray1809 2 жыл бұрын

Thanks for the suggestion! That idea has crossed my mind, but I should have enough time for my KZbin channel from here on out. Thanks for taking the time to watch my video and leave a comment! I appreciate it!