All these methods are based on bad admin configurations, but still are quite common
If you want to find real I.P. address of website, which is hidden by CLOUDFLARE. It has came to my attention that many booters, hosts, malicious websites, and more use CloudFlare for DDoS Protection & Anti-Abuse Report Protection. With CloudFlare protection, it is difficult to get the hosts IP; therefore, it is difficult to send an abuse report or launch a (D)DoS attack. This simple guide will help you obtain any website protected by CloudFlare's real IP, which can be used for whatever you desire!