Your location: Your IP: Your status:ProtectedUnprotected · To the tests »

WebRTC Leak Test

Check whether you are exposing your real IP address


Local IP Addresses

    Public IP Addresses



        On this website you can test whether your provider assigned IP address can be leaked via WebRTC APIs . As Daniel Roesler showed in January 2015, browsers with WebRTC implementation allow requests to STUN servers which will return the provider assigned IP address for the user even if he is connected via VPN. For more details on this, read on and also see Daniel's GitHub page.

        On the top left you should see your LAN IP addresses. This is not as critical as the public IP address(es) displayed next to it. If you are using a VPN connection and it is displaying two public IP addresses, your provider assigned IP address is exposed.

        With the Perfect Privacy VPN Manager in its default settings (firewall protection enabled) this will be prevented and you should only see the Perfect Privacy server as your public IP address.

        Detailed information

        What is WebRTC?

        WebRTC is an API definition that allows voice and video chats as well as P2P file sharing within the browser, without the need of any extensions or plugins. As of early 2015, among the most popular browsers, only Firefox and Chrome support WebRTC. Internet Explorer and For other browsers there are various plugins available that add support for WebRTC.

        How does WebRTC expose my IP address?

        To allow video chats and Peer-to-peer functionality, WebRTC has a mechanism to determine the public IP address, even if it is behind a NAT. With a few JavaScript commands, WebRTC can be used to send a UDP packet to a STUN Server (Session Traversal Utilities for NAT). That server simply sends back a packet containing the IP address from which the request originated. This is simple to implement as Firefox provides a default STUN server that can also be used with Google Chrome.

        In Windows it is possible to send packets over a route different from the default route. The WebRTC request to the STUN server simply sends requests over all reachable interfaces which is why you will see two public IP addresses (VPN and provider IP) if you are vulnerable to this leak.

        How can I protect against this IP leak?

        Because the requests to the STUN server are made outside of the normal XMLHttpRequest they are not visible in the developer console; they cannot be blocked reliably with browser plugins like WebRTC block.

        The best way to protect against this leak is using firewall rules to enforce that traffic can only be sent over the encrypted VPN tunnel.

        With the Perfect Privacy VPN Manager such rules are set by default once a VPN tunnel is established so that your provider assigned IP cannot be leaked by WebRTC or similar mechanisms.

        Prevent WebRTC Leaks with our VPN software for Windows

        Payment Options

        Premium VPN-servers in 24 countries

        This website uses cookies to analyze the traffic and to control our advertising. By using this site, you agree to the use of cookies. More information can be found in our privacy policy.