WebRTC Leak Test
Check whether WebRTC exposes your local or public IP addresses — a quick privacy check for VPN users.
Runs a local WebRTC connection attempt and lists every IP address it exposes. The only network request is a STUN lookup (to Google's public STUN server) — nothing is logged or uploaded by this site.
Examples
Check a VPN
Input
Connect VPN, run test
Output
Exposed IP should be the VPN's
Verify mDNS protection
Input
Run the test
Output
Local IPs shown as random .local names
Confirm a fix
Input
Enable leak protection, rerun
Output
No public IP exposed
About this tool
This free WebRTC leak test checks whether your browser exposes your real IP address through WebRTC — the peer-to-peer technology behind in-browser video calls. It matters mostly for VPN and proxy users: WebRTC uses its own network path, so it can reveal the address your VPN is supposed to hide. The test runs locally and shows every address your browser gives away.
How to use
- Connect your VPN or proxy first (if you use one).
- Run the leak test and wait a moment for candidates to gather.
- Compare the exposed public IP with your VPN's — check it with What Is My IP.
- If they differ from what you expect, enable your VPN's WebRTC protection and rerun.
Common uses
Auditing a VPN before relying on it, verifying that a browser extension or privacy setting actually stops the leak, checking whether your browser masks local addresses with mDNS, or simply understanding what WebRTC reveals about your connection. Without a VPN, seeing your own public IP here is normal — every website you visit sees it too.
Frequently asked questions
What is a WebRTC leak?
WebRTC — the browser technology behind video calls — discovers your network addresses to connect peers directly. Because it uses its own network path, it can reveal your real public IP even while a VPN or proxy hides it from normal browsing. That mismatch is the 'leak'.
How does this test work?
It creates a local WebRTC connection attempt and asks a public STUN server what address it sees, then lists every ICE candidate your browser produced — local addresses, the public (server-reflexive) address, and how each is protected. Everything happens in your browser; this site logs nothing.
How do I read the result?
Not using a VPN: seeing your normal public IP is expected and harmless — websites see it anyway. Using a VPN: the exposed address should be the VPN server's. If it's your real home IP instead, WebRTC is bypassing the tunnel and you should enable your VPN's WebRTC protection.
What are the .local addresses in the results?
Modern browsers hide your real local network IPs behind random mDNS names ending in .local. Seeing those means the protection is working. Seeing raw addresses like 192.168.x.x means your browser is configured to expose real local IPs — unusual today.
How do I fix a WebRTC leak?
In order of ease: turn on your VPN's WebRTC leak protection (most reputable ones have it), use a browser extension that limits WebRTC network access, or disable WebRTC in the browser (Firefox: media.peerconnection.enabled). Note that disabling it breaks video calls in the browser.
Why does the test say no public IP was exposed?
Your browser, an extension, or your network blocked the STUN lookup — WebRTC couldn't discover a public address at all. For privacy purposes that's a pass. It can also mean WebRTC is disabled entirely.
Does this site see or store my addresses?
No. The candidates are gathered and displayed entirely in your browser. The one outbound request is the standard STUN lookup to a public STUN server (run by Google) — the same request any video-call site makes. Nothing is sent to or stored by this site.
Related tools
Keyboard Test
Test every key on your keyboard — see presses light up live and check for stuck or dead keys.
Dead Pixel Test
Cycle full-screen solid colors to spot dead, stuck, or hot pixels on any monitor or phone screen.
FPS Test
Measure your screen's frame rate live with a real-time FPS counter and graph — no install.
Mouse Test
Test mouse buttons, scroll wheel, and movement — plus a click-speed (CPS) counter. No install.