The only way to know what the real host that is behind a shortened URL is to actually attempt to fetch the URL and then see if you get a 302 redirect and see what that redirect URL is.
Since you generally can't load cross-origin URLs from within browser Javascript, you would probably need a server to do this for you and return the result to you.
One other option is that if the link shortener is a known one that you have API access to, then you can query that API to see what a given shortened link is a shortcut for. For example, bit.ly has this api http://dev.bitly.com/data_apis.html. The API will typically allow cross origin access so you can access it from a browser.
Since you can't confidently have API access to all possible link shorteners, this strategy is really only applicable to specific link shorteners that you prepare for. A general solution for any link shortener would need to use a server to access the URL directly to get the redirect.
For example, here's a simple node.js program that fetches a URL and checks to see if it returns a redirect response and gets the redirect URL if so.
var request = require("request");
request({url: "https://www.youtube.com/watch?v=ZrU_tt4R3xY", followRedirect: false}, function(error, response, body) {
console.log(response.statusCode);
if (response.statusCode >= 300 && response.statusCode < 400) {
console.log(response.headers.location);
}
});
This generates this output:
301
https://www.youtube.com/watch?v=ZrU_tt4R3xY
This could be wrapped in a server that would take a URL as a request and return the resulting URL.
