AnonymFlow

WebRTC leak test: is your real IP exposed?

WebRTC can reveal your local and public IP address straight from the browser, sometimes around your VPN. Run the test below: it opens a WebRTC connection, collects the ICE candidates and lists the IP addresses your browser exposes. Everything runs in your browser and no data is sent to a server.

This test runs entirely in your browser. No data is sent to a server: the STUN server is only used so your browser can discover the IP addresses it would expose through WebRTC. Nothing is stored, and reloading the page clears everything.

What is a WebRTC leak?

WebRTC is a technology built into browsers for live audio/video calls and file sharing. To set up a connection, it asks the system for available IP addresses (local and public) through a mechanism called ICE, with the help of a STUN server. The catch: this process can expose your real public IP address to a web page even when a VPN is active, if the VPN does not specifically block WebRTC leaks. This test does not detect the VPN itself; it only shows the IP addresses your browser reveals through WebRTC.

Why it is a risk

Your real IP can betray a VPN

If your browser exposes your public ISP IP while a VPN is active, a site can see your real approximate location despite the tunnel.

No action needed from you

A plain web page can trigger the WebRTC request in the background, with no click or permission, and read the candidate addresses.

The local IP reveals your network

Even without a public IP, the local address (192.168.x.x, etc.) can help tell apart devices on the same network. Modern browsers often mask it via mDNS.

Editorial pick
4.6 / 5

A VPN with WebRTC leak protection and a kill switch - NordVPN

The kill switch cuts traffic if the tunnel drops, so your real IP is never exposed.

Deloitte audit 202430-day guarantee14M+ users
See the offer

Frequently asked questions

Does this test send my data to a server?
No. Detection happens entirely in your browser in JavaScript. The STUN server only lets the browser discover its public candidate address; no personal data or result is uploaded or stored. Reload the page to clear everything.
Does a WebRTC leak mean my VPN is broken?
Not necessarily. The VPN tunnel can work for your normal traffic while WebRTC still bypasses the tunnel at the browser level. That is why a VPN with dedicated WebRTC leak protection, or disabling WebRTC, is a useful complement.
What does a .local address in the results mean?
It is an anonymised mDNS hostname that modern browsers (Chromium, Firefox) use instead of your real local IP. It is a good sign: your raw local address was not exposed.
Can the test detect my VPN directly?
No, and it does not claim to. It only lists the IP addresses the browser exposes through WebRTC. To check a VPN, compare the public IP shown here with your VPN's expected IP: if your real ISP IP appears, there is a leak.
How do I remove a WebRTC leak?
Use a VPN with WebRTC leak protection and a kill switch, disable WebRTC in the browser (in Firefox, set media.peerconnection.enabled to false via about:config), or install a trusted extension that blocks WebRTC IP handling.

Free tool, run entirely in your browser. AnonymFlow earns an affiliate commission if you subscribe through the NordVPN link, at no extra cost to you and with no influence on how the tool works.