How does the website "whatsmyrouterip.com" detect the LAN router IPaddress and the LAN device IP address as well as the WAN gateway router IP address?

Question

The http://whatsmyrouterip.com/ website can be used to resolve the public internet WAN IP address of a gateway router. However, it also shows the the private lan IP address of the gateway router and the private lan address of the device sending the request (e.g laptop).

How does the site get access to the private lan IP addresses given that the NAT source IP address of the page request is that of the gateway router? HTML headers?

E.G. Gateway router public IP address: 257.59.201.1. Gateway router private LAN address 192.168.1.1. Laptop private LAN address 192.168.1.25.

The site is HTTP so all this information is submitted in clear text.

Answer 1

The site just tries some typical IP addresses for routers to see if something is there. Typically the router is either at the IP address xx.xx.xx.1 or xx.xx.xx.254 where the IP address is from the range of private IP addresses. It tries these and some other addresses in the range of the local network(s). Which local networks these are seem to be determined using WebRTC (thanks for schroeder@ to pointing this out - see his comment for more information).

This behavior can be traced if using the developer tools in the browser and looking at the requests taken:

If there is some kind of response when accessing HTTP on these IP addresses it is assumed that this is the admin interface of the router. It cannot actually read the content to check if this is a router but just checks based on the timeout of the request if it was successful or not. Thus, if there is some non-router at such IP it will guess wrong (as it does on my system) and if the routers admin interface is on some address outside the local network it will fail to find it this way. But it will work for the typical setups users have at home.