Can I perform a DNS lookup (hostname to IP address) using client-side Javascript?

javascript dns lookup
javascript get local ip address
nodejs dns cache
get ip address javascript
hostname from javascript
npm dns
javascript get hostname
node js dns library

I would like to use client-side Javascript to perform a DNS lookup (hostname to IP address) as seen from the client's computer. Is that possible?

There's no notion of hosts or ip-addresses in the javascript standard library. So you'll have to access some external service to look up hostnames for you.

I recommend hosting a cgi-bin which looks up the ip-address of a hostname and access that via javascript.

Node.js DNS Module, There's no notion of hosts or ip-addresses in the javascript standard library. So you'll have to access some external service to look up hostnames for you. I would like to use client-side Javascript to perform a DNS lookup (hostname to IP address) as seen from the client's computer. Is that possible? Edit : This question gave me an itch, so I put up a JSONP webservice on Google App Engine that returns the clients ip address.

Edit: This question gave me an itch, so I put up a JSONP webservice on Google App Engine that returns the clients ip address. Usage:

<script type="application/javascript">
function getip(json){
  alert(json.ip); // alerts the ip address
}
</script>

<script type="application/javascript" src="http://jsonip.appspot.com/?callback=getip"> </script>

Yay, no server proxies needed.


Pure JS can't. If you have a server script under the same domain that prints it out you could send a XMLHttpRequest to read it.

dns.resolve(), Method, Description. getServers(), Returns an array containing all IP addresses belonging to the current server. lookup(), Looks up a hostname. A callback  Can I lookup the IP address of a hostname from javascript? Can you get the IP address of the current page where the script is running? I can get the current document's domain using var domain = document.domain; .

Very late, but I guess many people will still land here through "Google Airlines". A moderm approach is to use WebRTC that doesn't require server support.

https://hacking.ventures/local-ip-discovery-with-html5-webrtc-security-and-privacy-risk/

Next code is a copy&paste from http://net.ipcalf.com/

// NOTE: window.RTCPeerConnection is "not a constructor" in FF22/23
var RTCPeerConnection = /*window.RTCPeerConnection ||*/ window.webkitRTCPeerConnection || window.mozRTCPeerConnection;

if (RTCPeerConnection) (function () {
    var rtc = new RTCPeerConnection({iceServers:[]});
    if (window.mozRTCPeerConnection) {      // FF needs a channel/stream to proceed
        rtc.createDataChannel('', {reliable:false});
    };  

    rtc.onicecandidate = function (evt) {
        if (evt.candidate) grepSDP(evt.candidate.candidate);
    };  
    rtc.createOffer(function (offerDesc) {
        grepSDP(offerDesc.sdp);
        rtc.setLocalDescription(offerDesc);
    }, function (e) { console.warn("offer failed", e); }); 


    var addrs = Object.create(null);
    addrs["0.0.0.0"] = false;
    function updateDisplay(newAddr) {
        if (newAddr in addrs) return;
        else addrs[newAddr] = true;
        var displayAddrs = Object.keys(addrs).filter(function (k) { return addrs[k]; }); 
        document.getElementById('list').textContent = displayAddrs.join(" or perhaps ") || "n/a";
    }   

    function grepSDP(sdp) {
        var hosts = []; 
        sdp.split('\r\n').forEach(function (line) { // c.f. http://tools.ietf.org/html/rfc4566#page-39
            if (~line.indexOf("a=candidate")) {     // http://tools.ietf.org/html/rfc4566#section-5.13
                var parts = line.split(' '),        // http://tools.ietf.org/html/rfc5245#section-15.1
                    addr = parts[4],
                    type = parts[7];
                if (type === 'host') updateDisplay(addr);
            } else if (~line.indexOf("c=")) {       // http://tools.ietf.org/html/rfc4566#section-5.7
                var parts = line.split(' '), 
                    addr = parts[2];
                updateDisplay(addr);
            }   
        }); 
    }   
})(); else {
    document.getElementById('list').innerHTML = "<code>ifconfig | grep inet | grep -v inet6 | cut -d\" \" -f2 | tail -n1</code>";
    document.getElementById('list').nextSibling.textContent = "In Chrome and Firefox your IP should display automatically, by the power of WebRTCskull.";
}   

DNS, "disable_ipv6" : Only IPv4 addresses will be returned. "disable_trr" : Do not use the Trusted Recursive Resolver (TRR) for resolving the host  I need to somehow retrieve the client's IP address using JavaScript; no server side code, not even SSI. However, I'm not against using a free 3rd party script/service.

The hosted JSONP version works like a charm, but it seems it goes over its resources during night time most days (Eastern Time), so I had to create my own version.

This is how I accomplished it with PHP:

<?php
header('content-type: application/json; charset=utf-8');

$data = json_encode($_SERVER['REMOTE_ADDR']);
echo $_GET['callback'] . '(' . $data . ');';
?>

Then the Javascript is exactly the same as before, just not an array:

<script type="application/javascript">
function getip(ip){
    alert('IP Address: ' + ip);
}
</script>

<script type="application/javascript" src="http://www.anotherdomain.com/file.php?callback=getip"> </script>

Simple as that!

Side note: Be sure to clean your $_GET if you're using this in any public-facing environment!

Detection of Intrusions and Malware, and Vulnerability Assessment: , For example, use it to look up IP addresses of host names. All other functions in the dns module connect to an actual DNS server to perform name resolution. dns.lookup() does not necessarily have anything to do with the DNS protocol. From Javascript, you can only get the HTTP header, which may or may not have an IP address (typically only has the host name). Part of the browser's program is to abstract the TCP/IP address away and only allow you to deal with a host name.

I am aware this is an old question but my solution may assist others.

I find that the JSON(P) services which make this easy do not last forever but the following JavaScript works well for me at the time of writing.

<script type="text/javascript">function z (x){ document.getElementById('y').innerHTML=x.query }</script>
<script type='text/javascript' src='http://ip-api.com/json/zero.eu.org?callback=z'></script>

The above writes my server's IP on the page it is located but the script can be modified to find any IP by changing 'zero.eu.org' to another domain name. This can be seen in action on my page at: http://meon.zero.eu.org/

Analyzing Network Characteristics Using JavaScript And The DOM , In 1996 [27] showed how short lived DNS entries can be used to weaken this policy. a DNS lookup request for www.attacker.org, now resolving to the intranet host at “DNS pinning”: The mapping between a URL and an IP-​address is kept by 2.7 Attacks That Do Not Rely on JavaScript Intranet exploration attacks like  If another client needs to resolve the same domain name using server A then server A can respond using the cached result. You can check the DNS cache on a Windows machine with the command: ipconfig /displaydns. Domain Name Lookup Examples. The schematic below shows two DNS lookups. In the first Lookup the local DNS server performs an

Introduction to Computer Networks and Cybersecurity, Website Performance: What To Know and What You Can Do · Data-Driven The simple way to measure DNS lookup time from JavaScript would be to first measure the latency to a host using its IP address, and then measure it again From left to right: The client here is the browser, the DNS server is  The Client Side Resolver Service algorithm on all Windows 2000 and newer machines: If you mix the internal DNS and an external DNS, such as the DC as the first DNS entry, and the ISP’s DNS, or even using your router’s IP address as the second entry, will do the same thing.

Professional Website Performance: Optimizing the Front-End and , DNS lookup www.devil.com TTL = 1 sec Banka.com user 1.1.1.2 GET /, host AJavaScript/DNSXSS attack. www.devil.com contains JavaScript capable of accessing She needs the IP address of www.devil.com in order to send a GET command URL or document.location, and performs some client side script execution  The nslookup of a remote PC give a IP address. But when i do a ipconfig /all on the same remote PC, the preferred IP address is different . May i know what on the network should be checked and analyzed. The user is cannot take RDP of his PC with the IP address obtained from nslookup or the hostname but can take RDP using the preferred IP address

MySQL / PHP Database Applications, Using IP addresses rather than hostnames is one way to avoid the cost of the DNS Introduced in Chrome in 2008, prefetching involves performing DNS lookups on drove up bandwidth and server load, made web stats meaningless, and end a single User Datagram Protocol (UDP) packet can carry the question, and a  Browsers strip the IP address which they get back from a XmlHttpRequest before they pass it to the Javascript engine. services which provide you with your external IP do this through the TCP/IP wrapper which the server receives, not through the information from the request itself.

Comments
  • Many of the answers to this question seem to be recommending doing the resolution server side. Depending on the use case that may not be sufficient. For example, if the service you are looking up is using GSLB it might return a different IP based on where the user is located; as a result the response the server side code receives is quite likely to be a different response than what the browser would have received. That being said, I do not yet have an alternative solution for those that care about this difference.
  • cgi-bin? That's old school. I like it!
  • This was true at the time of writing (2008). This is not true 6 years later: See my comment about WebRTC in this same page. (Unfortunatelly Google still points to this thread when searching for a solution to the IP address problem and that can put people in the wrong direction).
  • @earizon - your answer is for a different question - how to discover your own private IP address.
  • The problem via CGI from the cloud would be discovering intranet host ips which is not possible from the outside. You would have to use a local service on the machine or intranet.
  • Could you post the source to your web service? It would be nice to run an instance.
  • Sorry, but had to downvote since I don't think it actually answers the original question. They just want a standard DNS lookup, not the public IP of the user.
  • this indeed is a new capability which did not exist prior to WebRTC - to discover your own IP address. But @noahjacobson asked a different question - DNS lookup of IP by the hostname from javascript.
  • Very, very interesting, it is a bug or design flaw, anyway at some point it will be corrected so no good for long-term projects
  • Thanks tcole! Just what I was looking for :)
  • Wait a minute, why even use $_GET? like you said this is a vulnerability. Couldn't one just use: echo 'getip(' . $data . ');';