Tool

WebRTC candidate check

Run the optional WebRTC check only after explicit consent, then review whether network candidates appear in the report.

Interactive diagnostic dashboard

Advanced browser signal auditor

QA scenario controls

Optional checks run only after consent and use the current browser session.

Run WebRTC candidate check

Data use: the scan reads browser-visible signals in this tab and calls the edge IP endpoint. JSON download is local. Share stores a redacted report for seven days by default and removes raw IP from stored report JSON.

Audit scan engine idle

Start a scan to inspect browser-visible signals, edge geography, language, timezone, storage, rendering, and optional WebRTC state.

What causes WebRTC candidate leaks?

WebRTC can expose ICE candidates that describe local or public network routing state. Cloak Browser only runs this check after explicit consent because candidates can be sensitive in some environments.

How should results be interpreted?

A private candidate is a warning that local network information was visible to the page. A public candidate is higher risk for QA profiles because it can contradict the intended route or proxy geography.

What should be remediated?

Review browser WebRTC policy, enterprise controls, and test runner launch options before using the environment as a privacy-sensitive or network-sensitive QA fixture.