WebRTC leak test

KeyboardTester.click

Free WebRTC Leak Test

Free online WebRTC leak test. Detect IP address leaks through your browser even while using a VPN. Checks IPv4, IPv6, mDNS and STUN. Fast, instant, private.

Download from Microsoft Store Download from Microsoft Store

WebRTC Leak Test

Click Start scan to see what IP addresses your browser exposes via WebRTC.

WebRTC can leak your real local and public IP addresses to websites even when you are using a VPN. Click Start scan to detect what your browser exposes.
Public IP -
The IP address websites see. With a VPN on this should match your VPN server, not your ISP.
Local IPs -
Your private network address (192.168.x, 10.x). Modern Chrome hides this behind an mDNS hash ending in .local.
IPv6 -
Your IPv6 address. If your VPN does not tunnel IPv6, this leaks even when IPv4 is protected.
Status -
Rate WebRTC Leak Test: Be the first to rate
KeyboardTester.click assistant

Free for your site

Embed this WebRTC Leak Test on your website

Add this free, no-signup tool to your own page or blog post in one click — just keep the small credit link.

WebRTC Leak Test is a free, browser-based online utility that lets you detect IP address leaks through your browser even when using a VPN.

  • Cost: Free, no signup
  • Install: None — runs in the browser
  • Privacy: Runs locally, no uploads
  • Platforms: Windows, macOS, Linux, Android, iOS
  • Time: Under a minute

What Is a WebRTC Leak?

WebRTC (Web Real-Time Communication) is the browser API that powers Google Meet, Zoom in the browser, Discord voice, WhatsApp Web calls, and most screen-sharing tools. To negotiate a peer-to-peer connection, WebRTC needs to know every IP your device has. It does that by asking a STUN server over UDP — and critically, the STUN request can bypass your VPN tunnel unless the VPN is specifically built to catch it. That is the leak: a website with a few lines of WebRTC JavaScript can see your real public and local IP addresses, even when your VPN says you are protected.

This tool runs a STUN query inside your browser (no data leaves your machine) and reports every IP WebRTC exposes — so you know exactly how much privacy your setup is really giving you.

How to Read Your Result

  • Public IP — should match your VPN server. If you see your ISP-assigned IP here, your VPN is leaking.
  • Local IPs — your private network addresses (192.168.x, 10.x, 172.16-31.x). Chrome since version 76 and Safari on recent macOS replace these with a hashed .local string by default; that hash is safe and cannot be tracked.
  • IPv6 — many VPNs tunnel only IPv4. If your ISP gives you IPv6 and your VPN does not handle it, WebRTC can leak v6 even when v4 looks clean.

Why WebRTC Leaks Even With a VPN On

A regular VPN reroutes your browser's HTTP and DNS traffic through an encrypted tunnel. WebRTC uses a different channel: direct UDP to a STUN server. Unless the VPN intercepts that UDP traffic specifically, your real IPs slip through. This is why not every VPN is equal — the good ones (Mullvad, ProtonVPN, NordVPN, ExpressVPN) catch WebRTC; many cheap or free VPNs do not.

The practical fix is either (a) pick a VPN that blocks WebRTC at the app or tunnel level, or (b) disable WebRTC in the browser. Disabling is a bigger trade-off than most guides admit: it also breaks every browser-based video call.

Per-Browser Fix Summary

  • Chrome / Edge — no built-in toggle. Install the official Google "WebRTC Network Limiter" extension, or use uBlock Origin with its Prevent WebRTC from leaking local IP option checked.
  • Firefoxabout:config → set media.peerconnection.enabled to false. This is the cleanest off switch but disables video calls.
  • Bravebrave://settings/privacy → "WebRTC IP handling policy" → Disable Non-Proxied UDP. Only major browser with an in-UI control.
  • Safari — disable "WebRTC Platform UDP Sockets" under Develop > Feature Flags (macOS) or toggle "WebRTC mDNS ICE candidates" on iOS.
  • Any browser — a VPN with correct WebRTC handling fixes this transparently without disabling video calls.

Seeing a .local Address? That Is Not a Leak

Since Chrome 76 (mid-2019) and on recent versions of Safari, your local IP is replaced by a hashed string like a1b2c3d4-e5f6-7890-abcd-ef1234567890.local. This mDNS ICE candidate is a privacy feature, not a leak — the hash rotates and cannot be resolved outside your local network. If that is the only thing in the Local IPs field, your browser is doing the right thing.

Common Myths Worth Busting

  • "Incognito mode stops WebRTC leaks." False. Incognito only clears local history and cookies. WebRTC still runs and still leaks.
  • "Any VPN will stop WebRTC leaks." False. Many free and budget VPNs route TCP through the tunnel but let WebRTC UDP slip past.
  • "I must disable WebRTC to be safe." Not always. A good VPN routes WebRTC correctly and preserves video calls.
  • "The .local string is my real IP." No. It is a Chrome mDNS hash that cannot be tracked or resolved remotely.

WebRTC Leak Test FAQ

Common webrtc leak test questions

What is a WebRTC leak test?

A WebRTC leak test reveals which IP addresses your browser exposes through WebRTC. Click Start scan and the test gathers connection candidates via a STUN request, showing any public IPv4, public IPv6, and local or mDNS addresses your browser hands out.

Can WebRTC expose my real IP while I use a VPN?

Yes. WebRTC can query a STUN server outside the VPN tunnel, revealing your real ISP-assigned IP even though websites see the VPN IP. Run the WebRTC leak test with your VPN connected: if an address that is not your VPN IP appears, your setup is leaking.

What is an mDNS .local address in my results?

Modern browsers replace your device's private LAN IP with a randomized mDNS hostname ending in .local. Seeing a .local entry instead of an address like 192.168.x.x means the browser's local IP protection is working.

How do I fix a WebRTC leak?

Use a VPN or browser extension with WebRTC leak protection, or disable WebRTC where the browser allows it - for example the media.peerconnection.enabled flag in Firefox. Re-run the WebRTC leak test afterward to confirm the real IP no longer appears.

Is the WebRTC leak test private?

Yes. The scan runs in your browser and the detected addresses are displayed only on your screen - they are not stored or sent to our server. The test is free, with no download or signup.

Windows app

KeyboardTester.click is available from Microsoft Store

Install the official Windows app shortcut, or keep using the same free testing tools in your browser.

Download from Microsoft Store Download from Microsoft Store