These days most websites uses Cloudflare for there protecting against DOS or DDOS attacks. Cloudflare is free and easy to setup. Cloudflare conceals the IP address of the website in order to protect it from attack. However if you want to know the real IP address by bypassing CLoudflare proxy IP. For example there might be a malware Command and Control (C&C) server hiding behind a CLoudflare. Or there might be a scenario in which a penetration tester would have to test a website's resilience against a DOS attack if somehow IP become public. There is tool that utilize the crimeflare.org's API, a long standing critic of CLoudflare. The tool is called HatCloud developed in Ruby and open sourced. It is available to download from
Github.
Usage is simple
ruby hatcloud.rb -b yoursite.tld
Although the program not always yield a result. There are many false positive. But none the less something is better than nothing.
