WebRTC leak test

What is a WebRTC leak?

WebRTC (Web Real-Time Communication) powers in-browser video calls and peer-to-peer transfers. To connect two peers directly it gathers ICE candidates — the IP addresses your machine can be reached on, including local network addresses and, via a STUN server, your public address. A website can read these with JavaScript, which means a poorly configured VPN can be bypassed and your real IP exposed even while the rest of your traffic is tunnelled.

Reading your results

• Local/private addresses (10.x, 172.16–31.x, 192.168.x, or an .local mDNS name) stay on your network — modern browsers hide the real one behind a random mDNS hostname, which is good.
• A public address that matches the one at the top is normal without a VPN. If you are on a VPN and it matches your real ISP address, that's a leak.
• No candidates means WebRTC is blocked or disabled — the strongest privacy posture.

How to fix a WebRTC leak

• Use a VPN that explicitly offers WebRTC leak protection.
• Install an extension such as uBlock Origin (it can block WebRTC) or a dedicated WebRTC-blocker.
• In Firefox, set media.peerconnection.enabled to false in about:config.
• Re-run this test after each change to confirm.