WebRTC Leak Test

WebRTC Leak Test: Check Whether Your Browser Exposes Your IP

This test checks whether your browser reveals IP addresses through WebRTC while using a VPN or proxy. It always completes or times out within a few seconds. To see your public IP first, use the What Is My IP checker.

Preparing test…
The test starts automatically and finishes within about three seconds.
Ready

Public IP detected by the website

Public IP
Loading…
IP Version
Loading…
ISP / Network
Loading…

Test status

WebRTC Support
Checking…
Result
Checking…
Duration

WebRTC candidates (public)

Waiting…

Local / mDNS candidates

Waiting…

Actions

Run the test again after connecting or disconnecting your VPN to compare the result.

How to read this WebRTC leak test

A WebRTC leak happens when a browser exposes network addresses through WebRTC connection candidates. For VPN users, a public IP found via WebRTC that differs from the VPN's IP can reveal a network outside the tunnel. This test separates the public IP the website sees, the WebRTC candidates your browser produces, any additional IPs exposed, the test status, and browser limitations.

Limitations

Modern browsers may replace local candidates with mDNS hostnames ending in .local, so seeing those is common and does not always indicate a leak. If WebRTC is disabled or blocked, the test reports that accurately instead of showing an error. Compare results with the home page and read What Is an IP Address? for background.

When to run this test

Run the WebRTC leak test after connecting to a VPN, changing browsers, installing a privacy extension, or switching Wi-Fi. Compare the candidates with the public value shown by the site. If one points outside the tunnel, review your browser and leak-protection settings.

What a safe result looks like

A safer result shows no extra public candidates beyond what the website already sees. Local or mDNS entries are common in modern browsers and are usually less sensitive, but the result still depends on browser, operating system, VPN app, and routing policy.

What this tool checks

The page asks the browser to create WebRTC connection candidates and compares those candidates with the public value the website already sees. It reports public candidates, local or mDNS candidates, blocked states, timeouts, and whether anything appears outside the expected route. This helps you understand browser behavior rather than relying only on the VPN app status.

How the test works

WebRTC can discover possible paths for peer-to-peer communication. Browsers expose those paths as ICE candidates. Older browser behavior could reveal local or public interface details more freely, while modern browsers often hide local values behind mDNS hostnames. This test gathers the candidates available to JavaScript, classifies them, and stops cleanly after a short timeout.

Common use cases

Run the test after installing a new browser, changing privacy extensions, switching from Wi-Fi to mobile data, or connecting to a VPN. It is especially useful when a streaming, conferencing, or peer-to-peer app behaves differently from normal browsing. Comparing results before and after a settings change makes leaks easier to spot.

Troubleshooting unexpected exposure

If the test shows an unexpected public candidate, first confirm your VPN is connected and refresh the home page. Then check the VPN app for leak protection, IPv6 handling, and split tunneling. Browser settings can also matter: some browsers allow WebRTC restrictions, while others require extensions or enterprise policies. If only local or mDNS candidates appear, that is usually normal modern behavior.

Related tools

Use the IPv6 test to confirm whether a second route is available, IP Lookup to inspect any public candidate, and the VPN guide to understand how tunnel modes and leak protection affect browser-visible results.

Frequently asked questions

Does WebRTC always leak my real IP?

No. Many modern browsers reduce WebRTC exposure and many VPN apps include leak protection. This test checks what your current browser reveals right now.

What does it mean if only local IPs appear?

Modern browsers often replace local candidates with mDNS hostnames ending in .local. Seeing only local or mDNS values is common and does not always indicate a leak.

What should I do if a public candidate appears?

Compare it with the homepage result. If it points outside your expected VPN route, review leak protection, IPv6 handling, split tunneling, and browser WebRTC settings.