Avatar of SAbboushi
SAbboushi
Flag for United States of America asked on

ip address(es) of current connection?

Using Chrome on W10.  How can I see the ip address of the currently displayed page in Chrome?  Note: I'm not looking for a DNS translation -- I believe that can give me one of multiple ip addresses depending upon which DNS server is used (e.g. if a change is still replicating across DNS servers; or if I have a Hosts file).  So Chrome extensions like the one I just tried from TCPIPUTILS.com seem to just do a DNS lookup.

Am also interested in seeing the ip addresses associated with the elements on a page

TCPView from Sysinternals shows all TCP & UDP endpoints, but trying to figure out which are associated with the page I'm browsing --- I'm not seeing how to do that.
TCP/IPNetworkingNetworking ProtocolsWindows Networking

Avatar of undefined
Last Comment
SAbboushi

8/22/2022 - Mon
John

Am also interested in seeing the IP addresses associated with the elements on a page

You need Wire Shark or Comm View to do this. I use Comm View and it can show me the IP addresses of all my connections.
SAbboushi

ASKER
Thanks John - will Comm View do what I'm asking, or will it just show me a list of ip addresses associated with chrome.exe?
John

Comm View will show you all traffic: Web, Email, Updates and so on. It monitors the network connection.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
John

Here is a Comm View screenshot.

CommView-Source-Destination
SAbboushi

ASKER
Thanks for going to the trouble.  Wish it was more granular -- I suspect I need something that's designed for Chrome
John

Wire Shark and Comm View are general purpose packet sniffers so they are not particular to one browser.

You can click on a packet above and go as deep as you wish. The screen above is the simple opening screen.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
John

Here is a very detailed session analysis.

CommView-Session-Analysis
SAbboushi

ASKER
Thanks - I'm looking for a tool that will show me the tcp sessions specific to the web page I am browsing.  I think packet sniffers don't do that?
Scobber

nslookup hostname.com

will give all ip addresses associated with that hostname
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Scobber

Well I'm pretty sure John has provided a very succinct reply.

If you cant make it work, I'm not sure you have anywhere else to go.

one other thing you might want to try is fiddler

Fiddler is a Proxy server that sits between your browser and the rest of the world.

it performs the same functions as developer tools but is on steroids.

https://www.telerik.com/download/fiddler
SAbboushi

ASKER
Thanks - but I think that does a DNS lookup instead of telling me what ip address(es) the current page is actually connected
SAbboushi

ASKER
>> Well I'm pretty sure John has provided a very succinct reply.
Maybe I'm missing something then.  Here's from my original post:

How can I see the ip address of the currently displayed page in Chrome?

Maybe you can tell me the steps to get my answer?

btw I'm using Fiddler2 - it's the closest tool I've found so far, but no link between page and ip address(es)
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Scobber

The addresses will never be different to the response at that moment though. Why do you need to know the connection ip?
if you say nslookup www.google.com

you can be assured that google.com is not going to get served (to your computer) by an IP address outside the reply.

Different parts of the world canhave different replies at the same instant, this can vary from region to region, country to country.
ASKER CERTIFIED SOLUTION
Scobber

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
John

Comm View matches the packets with the application name (say Chrome) that generates the packets. Then you can display the packets. So it does very much what you are looking for.

Try a trial license (good for about 3 weeks).

Also try Wire Shark.

You need to go and look and try because there is more you can imagine at your fingertips.
SAbboushi

ASKER
Thanks John - but it sounds like Comm View doesn't give me any more than TCPView does - if I've got 15 Chrome tabs and 5 Chrome windows open...

Am I missing something?  Per my question above: it sounds like you're confirming that it shows a list of ip addresses for chrome.exe instead of doing what I'm asking:
Thanks John - will Comm View do what I'm asking, or will it just show me a list of ip addresses associated with chrome.exe?

I'm feeling like we've got a disconnect here - please let me know if you don't understand what I'm looking for.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
John

What you are missing (I think) is the filtering you can do to show just IE, Mail or Chrome or whatever you desire.

Using Chrome on W10.  How can I see the IP address of the currently displayed page in Chrome?

I assume you mean "what IP addresses are going back and forth from the web page to the Internet" then both Wire Share and Comm View will do that.

If I have misinterpreted the above then please clarify.
SAbboushi

ASKER
I may be wrong, but my suspicion is that you're saying Wire Shark and Comm View correlate tcp sessions to Chrome browser tabs; my belief is that it only correlates tcp sessions with executables (and pids/ports), but I don't see a way to correlate any of that with a specific browser tab.  And then there's other Chrome tcp sessions not associated with tabs, e.g. Chrome checking for updates, or doing whatever else Chrome is communicating...

Let's say you have 2 Chrome windows open; each window has 2 tabs open (i.e. total 4 urls).  2 tabs have msn.com open, the other 2 let's say yahoo.com.

Can you post a Comm View screen shot showing me the ip connections for one of the tabs that has msn.com open?
John

Packet sniffers will relate the traffic to the application. So no, they will not relate traffic to a specific tab. I did not interpret Tab from your first post. Nothing I know does that.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
SAbboushi

ASKER
k thanks.  Sorry if I wasn't clear.

Does each browser Tab uses a different port?  If so, any idea how to identify the port being used for a specific browser tab?
John

No. Each browser tab does not use a different port. It is all one browser going out through the same connection .
SAbboushi

ASKER
Arghhh!  Thanks for your help everyone.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
Scobber

So I show you how to see the remote ip in developer tools and stiff me on points?

That was what you wanted after all, I'm happy to share with John however I will contest it if you do not redistribute
SAbboushi

ASKER
Scobber:
>> The addresses will never be different to the response at that moment though.
Sorry - don't know what you mean?

>>if you say nslookup www.google.com, you can be assured that google.com is not going to get served (to your computer) by an IP address outside the reply.

As I pointed out in my original post, I want a solution that is aware of Hosts file.  I believe that nslookup does not use the standard windows libraries and therefore ignores the Hosts file, so I have to disagree with you: a Hosts file can definitely result in an ip address being served outside the reply of nslookup


>>Different parts of the world can have different replies at the same instant, this can vary from region to region, country to country.

Different replies, meaning different ip addresses (e.g. load balancing)?


>> So I show you how to see the remote ip in developer tools and stiff me on points?

Sorry - my oversite.  I somehow missed your responses - glad you pointed them out.  Might have been more pleasant though if you'd asked "Did you see my post"... ; )


>> That was what you wanted after all

Holy Crap Batman!  That looks like exactly what I asked for!  Shows the actual ip served even when Hosts file is used!


>>  I'm happy to share with John however I will contest it if you do not redistribute

Would appreciate if you would clarify your posts (my Qs above)  and then I'll look into redistributing points.
Scobber

So if it exactly what you asked for as per your question then allocate all the points to that, post ill be happy to answer your questions in EE chat, not on this thread because it is getting off topic

As for your reply avoid 'did you see my post' it's not as if it was hidden from your view was it now. It was more ignored
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
SAbboushi

ASKER
>> it's not as if it was hidden from your view was it now. It was more ignored
I've apologized for my oversite; I'll leave you to your assumptions
SAbboushi

ASKER
I've sent an email:

Can you please reopen the question so I can more fairly reassign the points.  Thanks

https://www.experts-exchange.com/questions/28965752/ip-address-es-of-current-connection.html