IP Leak Test

Check what your browser is exposing about your real location — your public IP, your approximate country, and any IP addresses leaking through WebRTC. The IP is read live from the request and not logged.

How this test works

Two checks run in parallel:

1. Server-side IP detection. Your browser hits /api/whoami, an edge endpoint that reads the public IP from the connection headers and returns it. This is the IP the rest of the internet sees you as.
2. WebRTC enumeration. The page opens a hidden WebRTC peer connection, which causes the browser to ask STUN servers for its candidate addresses. This enumeration can reveal local network IPs and (in some configurations) public IPs that bypass your VPN tunnel.

What a leak means

If you are not using a VPN, both checks will show your real public IP, which is normal. If you are using a VPN and the WebRTC public IP differs from your server-side IP, traffic in your browser is escaping the VPN tunnel — that is the leak. Most modern VPN apps include a kill-switch and WebRTC-leak protection to prevent this.

We do not log the IP, the user-agent, or the test results. The endpoint is served with Cache-Control: no-store.