🕵️ WebRTC Leak Test

WebRTC is used by video calls, but any website can silently ask your browser for ICE candidates — which may expose your real IP even when you're on a VPN. This test runs 100% in your browser.

🌐 What's My IP?

ICE candidates

These are the candidate addresses your browser would offer to a remote peer. Public IPs discovered via STUN (srflx) are the ones that leak past many VPNs.

IP	Type	What it means

How this test works

We create an RTCPeerConnection in your browser and ask it to gather ICE candidates using public STUN servers (Google and Cloudflare). Each candidate tells us a potential path for peer-to-peer connectivity — and potentially your real IP.

host — an address on your local network (e.g. 192.168.1.10 or an IPv6).
srflx / prflx — a public (server-reflexive) address seen via STUN. This is the leak.
relay — a TURN relay. Not used here because we didn't configure TURN.
.local (mDNS) — a hostname Chrome and Firefox emit instead of real local IPs.

How to prevent WebRTC leaks

Firefox: set media.peerconnection.enabled to false in about:config (breaks video calls).
Chrome/Edge: install the "WebRTC Leak Prevent" or "uBlock Origin" (advanced mode) extensions.
Brave: Settings → Shields → "WebRTC IP handling" → "Disable non-proxied UDP".
Safari: Settings → Advanced → Experimental → disable legacy WebRTC APIs where available.
VPN: use a client that blocks WebRTC STUN at the OS level (e.g., Mullvad, NordVPN with kill switch).

FAQ

Is the test sending data to your server?

No. The test runs entirely in your browser and only talks to public STUN servers (Google, Cloudflare). We don't receive any of the candidate data.

I see only .local addresses. Am I safe?

Mostly yes. Modern browsers mask local IPs behind mDNS hostnames by default. If no srflx (public) candidate appears, your VPN or browser is successfully preventing WebRTC leaks.

What if nothing shows up at all?

WebRTC may be disabled in your browser or your network may block UDP to STUN servers (common on corporate Wi-Fi).