RUNWEBTOOLS
English

WebRTC Leak Test

Check whether WebRTC exposes your local or public IP addresses — a quick privacy check for VPN users.

Runs a local WebRTC connection attempt and lists every IP address it exposes. The only network request is a STUN lookup (to Google's public STUN server) — nothing is logged or uploaded by this site.

Examples

Check a VPN

Input

Connect VPN, run test

Output

Exposed IP should be the VPN's

Verify mDNS protection

Input

Run the test

Output

Local IPs shown as random .local names

Confirm a fix

Input

Enable leak protection, rerun

Output

No public IP exposed

About this tool

This free WebRTC leak test checks whether your browser exposes your real IP address through WebRTC — the peer-to-peer technology behind in-browser video calls. It matters mostly for VPN and proxy users: WebRTC uses its own network path, so it can reveal the address your VPN is supposed to hide. The test runs locally and shows every address your browser gives away.

How to use

  1. Connect your VPN or proxy first (if you use one).
  2. Run the leak test and wait a moment for candidates to gather.
  3. Compare the exposed public IP with your VPN's — check it with What Is My IP.
  4. If they differ from what you expect, enable your VPN's WebRTC protection and rerun.

Common uses

Auditing a VPN before relying on it, verifying that a browser extension or privacy setting actually stops the leak, checking whether your browser masks local addresses with mDNS, or simply understanding what WebRTC reveals about your connection. Without a VPN, seeing your own public IP here is normal — every website you visit sees it too.

Frequently asked questions

What is a WebRTC leak?

WebRTC — the browser technology behind video calls — discovers your network addresses to connect peers directly. Because it uses its own network path, it can reveal your real public IP even while a VPN or proxy hides it from normal browsing. That mismatch is the 'leak'.

How does this test work?

It creates a local WebRTC connection attempt and asks a public STUN server what address it sees, then lists every ICE candidate your browser produced — local addresses, the public (server-reflexive) address, and how each is protected. Everything happens in your browser; this site logs nothing.

How do I read the result?

Not using a VPN: seeing your normal public IP is expected and harmless — websites see it anyway. Using a VPN: the exposed address should be the VPN server's. If it's your real home IP instead, WebRTC is bypassing the tunnel and you should enable your VPN's WebRTC protection.

What are the .local addresses in the results?

Modern browsers hide your real local network IPs behind random mDNS names ending in .local. Seeing those means the protection is working. Seeing raw addresses like 192.168.x.x means your browser is configured to expose real local IPs — unusual today.

How do I fix a WebRTC leak?

In order of ease: turn on your VPN's WebRTC leak protection (most reputable ones have it), use a browser extension that limits WebRTC network access, or disable WebRTC in the browser (Firefox: media.peerconnection.enabled). Note that disabling it breaks video calls in the browser.

Why does the test say no public IP was exposed?

Your browser, an extension, or your network blocked the STUN lookup — WebRTC couldn't discover a public address at all. For privacy purposes that's a pass. It can also mean WebRTC is disabled entirely.

Does this site see or store my addresses?

No. The candidates are gathered and displayed entirely in your browser. The one outbound request is the standard STUN lookup to a public STUN server (run by Google) — the same request any video-call site makes. Nothing is sent to or stored by this site.

Related tools