VPNSmith
Widget

Embeddable IP & WebRTC Leak Test Widget

A free, privacy-first IP and WebRTC leak test you can embed on any website with a single iframe tag. It shows the visitor's public IP and any IP exposed by WebRTC, flagging a leak when WebRTC bypasses their VPN. No tracking, no API key.

See the full leak test →

Live demo

This is exactly what your visitors will see once the widget is embedded. The test runs in their browser and reports their own IP. Try the controls to preview different themes and languages.

Theme:
Language:

Paste the snippet below into any HTML page. No JavaScript required on the host side.

<iframe
  src="https://www.vpnsmith.com/widget/ip-leak-test?theme=dark&lang=en"
  width="480"
  height="560"
  frameborder="0"
  scrolling="no"
  title="IP & WebRTC Leak Test - VPNSmith"
  loading="lazy"
  style="border-radius:12px;max-width:100%"
></iframe>
<p style="font-size:12px;color:#64748b;margin-top:4px">
  <a href="https://www.vpnsmith.com" rel="noopener" target="_blank" style="color:#FF6B1A;font-weight:600">Powered by VPNSmith</a>
  - Free IP & WebRTC leak test
</p>

Recommended attribution link (optional but appreciated):

<a href="https://www.vpnsmith.com/en/tools/ip-leak-test" rel="noopener">IP & WebRTC leak test by VPNSmith</a>

Why embed this widget?

Free, no limits

No API key, no account required. The iframe works indefinitely at no cost.

Privacy-first

The test runs in your visitor's browser. Their public IP is fetched from the free ipify API and WebRTC candidates are read locally - nothing is sent to or stored by us.

Zero external dependencies

The widget is self-contained HTML. No CDN, no tracking, no third-party scripts beyond the public ipify and STUN endpoints.

Dofollow attribution link

The recommended snippet includes a "Powered by VPNSmith" link - transparent and optional.

Frequently asked questions

How does the leak test work?
The widget fetches the visitor's public IP from the free ipify API, then opens a WebRTC connection to a public STUN server and reads the ICE candidates it produces. If WebRTC reveals a public IP different from the visible one, that is flagged as a possible leak. Private addresses (10.x, 192.168.x, fd00::) are normal and never flagged.
Does the widget transmit any data to VPNSmith?
No. The check runs entirely in the visitor's browser. The public IP comes from ipify and the WebRTC candidates are read client-side. No data is sent to or stored by VPNSmith.
Can I customise the theme and language?
Yes, via the ?theme=dark or ?theme=light and ?lang=fr|en|es parameters in the iframe URL. Use the controls above to preview and generate the correct snippet.
What iframe size do you recommend?
480×560 px minimum. The iframe adapts to its container width.
Does the widget work on mobile?
Yes. The widget is responsive and works in modern mobile browsers that support WebRTC.
Must I credit VPNSmith?
It's not technically required, but we encourage you to include the attribution link. It helps us keep this service free.