IPOK

Is ping0.cc safe? We tested it — it collects your real IP

If you use ping0.cc to check a proxy / VPS / server IP, be careful: a live packet capture shows it also quietly collects your machine's real IP — a real de-anonymization risk if you care about privacy.

Two smoking guns: (1) its front-end check.js uses WebRTC (RTCPeerConnection + STUN) to pull your real IP behind the proxy out of the ICE candidate, then POSTs it to /ip/peer — displaying your IP needs no WebRTC, so this step is de-anonymization; (2) it sends /logv6/{your-IPv6}/{your-IPv4}, pairing your real IPv4 and IPv6 and logging them to its servers — your browser already has both locally, so sending them back exists only to archive them. (It also uses ipv4./ipv6. subdomains to obtain both addresses, but dual-stack detection itself is a normal feature — I don't count it as harvesting.)

Reproduce it in 30 seconds: open ping0.cc, press F12 → Network, refresh, and search for peer, logv6, ipv4.ping0 — all three are there. Open the logv6 request and your IPv4/IPv6 pair is right in the URL.

IPOK is the alternative that doesn't do this: the WebRTC leak test runs only on click, entirely in your browser, and is never sent to us; it never uses WebRTC to pierce the proxy for your real identity, and keeps no IP-pairing log; queries are stateless, with no database, no analytics, and no tracking cookies. Check any IP with it below — we check IPs, not you.

Your public IP

FAQ

Is ping0.cc safe? Will it leak my real IP?

A live capture shows ping0.cc uses WebRTC to grab your real IP behind a proxy and POST it to its server (/ip/peer), and pairs your IPv4 and IPv6 into a server-side log (/logv6/). If you're testing a proxy / VPS IP, your real address can be collected and archived.

How do I verify ping0 is collecting IPs myself?

Open ping0.cc, press F12 to open the Network panel, refresh, and search the requests for peer, logv6, and ipv4.ping0 — all three are present. Open the logv6 request and your IPv6/IPv4 pair is in the URL. It reproduces in about 30 seconds.

Is there a ping0 alternative that doesn't harvest IPs?

IPOK (ipok.io) offers the same IP purity / risk score / native-IP / datacenter / streaming-unlock checks, but does not collect your real IP: the WebRTC test runs only on click and stays local, never sent back; no IP-pairing log, no storage, no analytics, no tracking cookies.

How do I stop WebRTC from leaking my real IP?

Disable WebRTC in your browser (in Firefox set media.peerconnection.enabled to false; in Chrome install a WebRTC-control extension), or use a checker that doesn't actively harvest the WebRTC IP.

What's the difference between ping0 and IPOK?

Feature-wise both check IP purity / risk / native IP / datacenter / unlock. On privacy, ping0 was observed grabbing the real IP behind your proxy via WebRTC and pairing your IPv4/IPv6 into a server-side log (dual-stack detection itself is normal — the issue is those two steps), while IPOK does neither: WebRTC runs only on click and never leaves your browser, with no IP-pairing log, no storage, and no tracking.

Related checks

IP Purity Check
Native IP Check
IP Risk Score
ChatGPT IP Check
WebRTC Leak Test
Datacenter or Residential IP?