# What is? CDN?

Content distribution network (Content Delivery Network, abbreviation CDN) It is built and covered on the bearing network , A distributed network made up of edge node servers distributed in different regions .
CDN Widely applied , Support a variety of industries 、 Multiple scene content acceleration , for example : Picture small file 、 Big file download 、 Video and audio on demand 、 Live streaming 、 Speed up the whole station 、 Safe acceleration .

Simply speaking ,CDN Let users get the content they need nearby , Reduce network congestion , Improve user access response speed and hit rate .

Sum up ,CDN It has the following main functions :
(1) Save backbone bandwidth , Reduce bandwidth requirements ;
(2) Provide server-side acceleration , Solve the problem of server overload caused by large user access ;
(3) Service provider can use Web Cache Technology caches locally what users access Web Pages and objects , The access of the same object does not need to occupy the exit bandwidth of the trunk , And improve the demand of the corresponding time for users to visit the Internet page ;
(4) Can overcome the problem of uneven distribution of websites , And it can reduce the construction and maintenance cost of the website ;

(5) Reduce “ Communication storm ” Influence , Improve the stability of network access .

# How to judge the existence of CDN

1. direct ping

Not at the same time , Then judge the existence of cdn. When they are the same, they don't exist CDN.

2. Using multi node technology to judge the request

For example, super ping, Return multiple IP Value, there is CDN. Return to single IP There is no CDN.

# Bypass CDN Methods

1. Subdomain query to get real ip

Some subdomains and domain names may be deployed on the same server , Guess the subdomain name of ip May be the target site of ip

There are many subdomain query tools or platforms on the Internet

such as :https://dnsdb.io/zh-cn/

2. Exploit website vulnerabilities

Some websites may have phpin Minggan information leaks 、Apache status and Jboss status Leakage of sensitive information 、 The source code of the web page is leaked 、svn Information disclosure letter 、github Information leakage, etc . If exist web Loophole , The server initiated a request to connect with us , We can also get the real site ip. for example xss、ssrf、 Command execution bounce shell etc. .

such as phpinfo, Test with your own build :

3. Using email query service

You need to download a mail service software , such as foxmail, Download link :https://www.foxmail.com/

Some websites register new users , You can sign up by email , It can be inferred that the mail server and the website are on the same server or network segment .

Check the mail source code when registering to get the real mail server ip And then infer the truth of the website ip Address .

Received Item is the address of the mail server .

4. Use a foreign address to request

Some websites are not set up in other countries CDN node , So when you visit a website abroad, you can visit the source site directly from time to time, so as to get the truth ip.

You can use vpn Switch foreign nodes to access 、ping、nslookup And so on ip.

5. Use the third party interface to query the real ip

For example, foreign interface :

get-site-ip.com
asm.ca.com

At home : The intelligence community

x.threatbook.cn

6. Use the dark engine to search specific files to get real IP.

Three common search engines :

shodan:https://www.shodan.io/
Zhong Kui's eyes :https://www.zoomeye.org/
fofa:https://fofa.so/

For example, some documents ico The file is specific , You can use the hash value of the file to search in the search engine .

Get the file of the file hash There are many ways to value .
Command line :

Get-FileHash + file name 

perhaps python Code view ico Of documents hash( Environmental Science python2):

import mmh3
import requests
response = requests.get(' file url')
favicon = response.content.encode('base64')
hash = mmh3.hash(favicon)
print('http.favicon.hash:'+str(hash))

obtain hash And then use it shodan Search for

http.favicon.hash:'hash'

7. Sweep the whole net

 adopt Zmap、masscan、fuckcdn、w8fuckcdn And other tools to scan the entire Internet , Search keywords for scanning results , Get the website real IP.
fuckcdn:https://github.com/Tai7sy/fuckcdn
w8fuckcdn:https://github.com/boy-hack/w8fuckcdn
fuckcdn Usage method :
open set.ini The configuration file , Just follow the instructions

Run... After configuration .exe File can .

The other tool steps are roughly the same , No more demonstrations .

8. A little trick

Some websites may add www. And no addition www. Back to ip It may be different ,cdn Nodes may be deployed in www. On . real ip Maybe it's the one not added .

Some websites may be mobile , The format for m., Often this is not set cdn, Get real ip.

When it's impossible to judge by hand synthesis , You can check the website record number and address , And then combined with the scanning ip Compare regional addresses to get real ip Address .

CDN Related knowledge and CDN More related articles around

  1. 【 primary 】http Caching and cdn Related technology

    Abstract : I'm going to share this topic in the group recently , So I prepared for a week , I checked a lot of information . Although the preparation process is very tedious and time-consuming , But because you need to look up a lot of information , So the whole process comes down , The impact on this knowledge is more profound . Come on, come on , Let's summarize One ...

  2. http Caching and cdn Related technology

    Read the directory One http cache Two .Http Cache concept resolution 3、 ... and .cdn Related technology Abstract : I'm going to share this topic in the group recently , So I prepared for a week , I checked a lot of information . Although the preparation process is very tedious and time-consuming , But because you need to look up a lot of information , ...

  3. CDN Technology -- Streaming media CDN The composition of the system

    Streaming media service is a real-time service . Continuity . Business with high timing requirements , In terms of bandwidth consumption and quality assurance , Yes best-effort Of IP The Internet is a big shock – High bandwidth requirements – high QoS requirement – Multicast . The broadcast demands ( at present IP ...

  4. Qiniuyun The fusion CDN Test domain name -> The fusion CDN Accelerate domain name

    Qiniuyun The fusion CDN Test domain name -> The fusion CDN Accelerate domain name This article mainly explains How to integrate the seven ox clouds CDN Test domain name Switch to the custom acceleration domain name , Why I wrote this is because I received a letter [ Qiniuyun ] Test domain name recycling notification email ...

  5. 【Python Take your time (5)】 Class inheritance case analysis ,python Related knowledge extension

    Class inheritance case analysis ,python Related knowledge extension author : Bai Ningchao 2016 year 10 month 10 Japan 22:36:57 Abstract : Following < Learn quickly python> After one article , The author will python Study the official documents carefully . Official ...

  6. Move WEB Pixel related knowledge

    Learn about mobile web Pixel knowledge , The main purpose is to have a clear idea when cutting the picture . This paper focuses on one problem : How to get the logical pixels we need according to the screen size and physical pixels provided by the device manufacturer ? Focus on this problem with iphone5 As an example to explain the web Pixel correlation ...

  7. listener About the monitor

    I learned from other people's blogs listener I'd like to share my knowledge with you now 1. Concept : A listener is a common device that implements a specific interface java Program , This program is dedicated to listening to another java Object's method call or property change , When the monitored object happens ...

  8. UIViewController Related knowledge

    title: UIViewController Related knowledge date: 2015-12-13 11:50categories: IOS tags: UIViewController Little program, my blog :h ...

  9. 【 turn 】java NIO Related knowledge

    Original address :http://www.iteye.com/magazines/132-Java-NIO Java NIO(New IO) It's from Java 1.4 A new version of IO API, Can replace the standard ...

  10. NSString Use stringWithFormat Knowledge of splicing

    NSString Use stringWithFormat Knowledge of splicing Retain 2 Decimal places 1 2 3 4 //.2 Represents to keep after the decimal point 2 position (2 Represents the number of reserves ) NSString *string = [NSSt ...

Random recommendation

  1. linux in ssh You can log in. sftp Can't login solution

    My server has been working properly , Usually use secureCRT Conduct management , Use secureFX Upload and download files , And then one day secureFX There was a problem connecting ,secureFX The log of is as follows : i SecureFX edition ...

  2. introduce HBase The trouble with relying on packages

    Use... In a project HBase Do the underlying storage , Use maven To manage related Jar Packet dependency , use maven To manage dependency packages , What's particularly unpleasant is that he will introduce you to Jar It's all about dependence , There are often cases where class and method conflicts cannot be found . This time, ...

  3. Day 359 how can I insist

    A day at home , It's been a little bit tricky linux, Finally, I can connect to the Internet , I don't know much about it . I went to North China Electric Power University for a walk in the evening , Ten laps , It's quite a sense of accomplishment , It's just not wearing a bracelet , Ah . You must take notes when you study in the future , After so many years of study , all Didn't learn how to take notes , It's also ...

  4. Sambar, Realization Linux and Windows share

    I downloaded it tar Of jar package , No rpm,rpm Not much . The goal is to make Windows Be able to share Linux System folder 1. Enter into source Folder : 2../configure->make->m ...

  5. 【 Modern programming 】【homework-04】

    Personal Software Process Stages Time percentage (%) The time actually spent ( minute ) The original estimated time ( minute ) plan 0 0 0 ·           Estimate how much time this task will take ...

  6. git ignore already checked in files

    about untracked file, have access to .gitignore For already checked in file, have access to git update-index # hide git update-index --ass ...

  7. The test form is only available for requests from the local machine resolvent

      protocolsdocumentationsoapweb When you try to access from a remote computer Web The service , Will not show “ call ” Button . also , You will receive the following error message : The test form is only ...

  8. Ubuntu in nfs Server installation and configuration

    One . Carry out orders sudo apt-get install nfs-kernel-server Two . Create for nfs Folder sudo mkdir /usr/nfs Change directory permissions :sudo chmod 777 ...

  9. Tp frame Some operations of the controller, etc

    Enter... In the browser tp The address of the framework entry file , Pictured it is to be noted that ,localhost/ It's followed by www Next level ,tp One level above the file , Because I just put tp The document was made www The next level of the directory , So my address localhost Followed by ...

  10. Big data and hadoop Introduction to relevant knowledge

    One . The basic concept of big data 1.1 What is big data Internet companies are the first industry to collect big data , The most typical example is Google And baidu , These two companies are search engines , The numbers are huge , Every day I have to grab all kinds of Web information from the Internet ...