IP lookup DNS leak test Tools Run DNS leak test →
IP Diali

Verify Your Egress IP.
Identify DNS Resolvers.

Free, private network diagnostics for everyone. No ads. No trackers. No logs. No accounts.

→ Run DNS leak test IP lookup coming soon
Free forever No ads No trackers No logs
ipdia.li — diagnostics
$ ipdia whoami
 
ip resolving…
type IPv4 / public
asn AS·····
isp ·········
country ·······
 
$ ipdia dns-leak
 
resolvers checking…
outside_vpn none ✓
status clean ✓
 
_

Privacy by design

No analytics, no ad network, no fingerprinting scripts. Built to respect users, not profile them.

Lightweight and fast

No bloated frameworks. Direct output that loads on any connection, anywhere.

Globally oriented

"IP Diali" means my IP in Moroccan Darija. The service is built for everyone, everywhere.

Available tools
Live

DNS Leak Test

Check whether your DNS resolver is leaking outside your VPN or proxy tunnel. See exactly which resolvers your system contacts, and from where.

leak.ipdia.li
Coming soon

IP Lookup

Inspect your public egress IP with geolocation context, ASN, ISP, and routing metadata. Geo data refreshed weekly from MaxMind every Wednesday.

ami.ipdia.li
Privacy threat

Why WebRTC is a traitor.

WebRTC is a browser technology built for real-time peer-to-peer communication — voice, video, file transfers. To establish a direct connection it must discover your real network interfaces, including your local LAN IP and your public IP.

It does this using ICE candidates, and it does it outside your proxy or VPN tunnel. A malicious or curious website can silently fire a small JS snippet — no permissions required, no user prompt — to request those candidates and read your real public IP, even while all your traffic routes through a VPN.

Your VPN hides your IP at the HTTP header layer. WebRTC bypasses that entirely by talking directly to STUN servers at the OS network level. If your browser has WebRTC enabled and your VPN does not block it at the kernel level, your real IP is exposed to any page that asks.

How to prevent WebRTC leaks

  • Firefox — extension Happy Bonobo — Disable WebRTC — disables the WebRTC API entirely in Firefox.
  • Chromium — WebRTC Protect WebRTC Protect — Protect IP Leak — limits IP exposure in Chrome-based browsers.
  • Chromium — Network Limiter WebRTC Network Limiter — by Google; restricts ICE candidate gathering to the default route only.
  • Firefox — native Set media.peerconnection.enabled to false in about:config. No extension needed.
  • VPN-level blocking Some VPN clients (e.g. Mullvad) block WebRTC at the OS level. Extensions are still recommended as a browser-side safety net.
Understanding your results

DNS leaks are relative to your setup.

A DNS leak result is not an absolute verdict — it depends entirely on what your expected DNS path is. The test shows you which resolvers your system actually contacted. Whether that's a problem depends on you.

If you're on a VPN or proxy and the results show resolver IPs belonging to your ISP's range, your DNS queries are bypassing the tunnel. That means your ISP can see every domain you query, even though your traffic appears routed elsewhere.

The expected resolver varies by setup. There is no universal correct answer — it's whatever is part of your intentional privacy stack.

Expected resolver — examples
Your VPN provider's DNS servers
NextDNS / AdGuard DNS
Self-hosted resolver (Pi-hole, Unbound…)
Any resolver inside your tunnel
 
Your ISP's resolver while on VPN
8.8.8.8 / 1.1.1.1 outside the tunnel
Unknown resolver you didn't configure
 
// seeing ISP resolvers on VPN = leak