Try for $3.50 Log In
Try for $3.50

WebRTC Leak Test

Check whether WebRTC exposes your real public IP, local IP, IPv6 address,
or mDNS candidate while you use a VPN or proxy

WebRTC candidate inspection
Local IP detection
Public IP check

Check if WebRTC exposes your real IP

The test runs automatically in your browser and compares your HTTP connection
with WebRTC candidates to detect possible IP leaks

Your connection (HTTP)

Detected public IP
Detecting…
ISP
Country / City
Browser
Detecting…

WebRTC API support

RTCPeerConnection
RTCDataChannel
Media Devices API
Test status
Queued

WebRTC leak verdict

Running test…

Collecting ICE candidates from your browser.

How to fix a WebRTC leak

Your connection (WebRTC)

Detected public IP
Local LAN IP
Public IPv6
mDNS candidate

Session Description (SDP)

Waiting for WebRTC offer…

Media Devices

Audio permission
Video permission
Audio inputs
Audio outputs
Video inputs

What is a WebRTC leak?

A WebRTC leak happens when your browser exposes your real IP through WebRTC candidates, even while your HTTP traffic uses a VPN or proxy.

WebRTC is a browser technology that allows direct audio, video, and data connections between users. To create those connections, the browser collects ICE candidates, which can include public IPs, local network IPs, IPv6 addresses, and mDNS candidates.

The issue is that WebRTC can use browser network interfaces separately from your normal web connection. That means your website traffic may go through a VPN or proxy, while WebRTC still reveals another IP path.

For proxy users, the fix is usually in the browser, anti-detect profile, or automation setup, not only in the proxy itself.

Can WebRTC leak when using proxies?

Yes. A proxy can route normal HTTP or SOCKS5 traffic correctly while WebRTC still uses the browser’s
network interfaces. NodeMaven proxies support HTTPS and SOCKS5, but WebRTC protection depends
on your browser, anti-detect profile, or automation setup.

Setup
Does WebRTC leak?
Why
HTTP/HTTPS proxy
Usually yes
WebRTC can use UDP outside the HTTP proxy tunnel unless the browser blocks it
SOCKS5 proxy
Usually yes
Many browsers do not automatically route WebRTC candidates through SOCKS5
Residential, mobile, or ISP proxy
Usually yes
The proxy type does not control WebRTC by itself; browser WebRTC settings do
Anti-detect browser + proxy
Depends on settings
The profile must disable WebRTC or force WebRTC to return the proxy IP
Browser with WebRTC disabled + proxy
No
The browser cannot create WebRTC ICE candidates
Puppeteer / Playwright with WebRTC policy flag
No, if configured correctly
Chromium is forced to block non-proxied UDP or use the allowed network policy

How WebRTC exposes your IP

WebRTC uses ICE candidates to find possible network paths for peer-to-peer connections.
If your browser is not configured correctly, those candidates can reveal IP information outside
your VPN or proxy tunnel

A page creates a WebRTC connection

01

A page creates a WebRTC connection

The website runs JavaScript that creates an RTCPeerConnection in your browser

The browser contacts a STUN server

02

The browser contacts a STUN server

The browser asks a STUN server which public IP address it can see over UDP

The browser collects ICE candidates

03

The browser collects ICE candidates

The browser gathers possible connection addresses, including public IPs, local IPs, IPv6 addresses, and mDNS candidates

JavaScript reads the candidates

04

JavaScript reads the candidates

The page can read candidate data from onicecandidate events or the session description, then compare it with your normal HTTP IP

How to fix a WebRTC leak

Chrome and Edge

Install WebRTC Network Limiter and set the policy to use the default public interface only. For automation, launch Chromium with --force-webrtc-ip-handling-policy=disable_non_proxied_udp

Firefox

Open about:config, search for media.peerconnection.enabled, and set it to false if you want to fully disable WebRTC

Brave

Open Settings → Shields → Fingerprinting blocking and set WebRTC IP handling to a stricter privacy mode

Safari

Keep Safari updated and check privacy settings before sensitive sessions. Safari exposes fewer direct WebRTC controls than Chromium-based browsers, so use a WebRTC leak test after changing VPN, proxy, or network settings

Anti-detect browsers

Use the browser’s WebRTC protection setting to either disable WebRTC or force WebRTC to return the proxy IP

Puppeteer and Playwright

Launch Chromium with --force-webrtc-ip-handling-policy=disable_non_proxied_udp to prevent non-proxied UDP WebRTC traffic during browser automation

WebRTC Leak Test vs DNS Leak Test vs Proxy Checker

Each tool checks a different privacy risk. Use the WebRTC Leak Test for browser IP exposure,
DNS Leak Test for resolver leaks, and Proxy Checker for proxy health and bandwidth usage

Tool
When to use
WebRTC Leak Test
Check whether your browser exposes your real public IP, local IP, IPv6 address, or mDNS candidate through WebRTC
DNS Leak Test
Check whether DNS queries bypass your VPN or proxy and go to your ISP or another unintended resolver
Proxy Checker
Test proxy bandwidth usage, or a proxy list to see which proxies are alive, reachable, and healthy.
IP Lookup
Check geo, ISP, ASN, location, and threat data for a single IP address

Start your proxy trial for $3.50 and test 750MB with your browser setup

Create account
Start your proxy trial for $3.50 and test 750MB with your browser setup

Frequently asked questions

A WebRTC leak happens when your browser exposes your real public IP, local IP, IPv6 address, or mDNS candidate through WebRTC, even if your normal web traffic goes through a VPN or proxy.

Run a WebRTC leak test and compare your HTTP IP with the IPs found in WebRTC candidates. If WebRTC shows a different public IP, local IP, or unexpected IPv6 address, your browser may be leaking.

Yes. HTTP, HTTPS, and SOCKS5 proxies protect normal browser traffic, but WebRTC can use browser network interfaces separately. To prevent leaks, configure your browser, anti-detect profile, or automation environment to block non-proxied WebRTC traffic.

Not by themselves. SOCKS5 proxies protect supported traffic, but WebRTC may still expose IP data unless your browser disables WebRTC, blocks non-proxied UDP, or forces WebRTC to return the proxy IP. NodeMaven proxies support SOCKS5, but WebRTC protection still needs to be handled in the browser.

NodeMaven residential, mobile, and ISP proxies can all be used with WebRTC-protected browsers. Residential proxies are best when you need wide geo-targeting, rotation, and sticky sessions. Mobile proxies are useful for mobile-first platforms. ISP proxies are best when you need static IP identity, unlimited traffic, and long-running sessions.

Many anti-detect browsers include WebRTC controls, but settings vary by profile. For proxy workflows, configure WebRTC to return the proxy IP or disable WebRTC, then run a leak test before using the profile. NodeMaven proxies work with common anti-detect browser workflows when the browser profile is configured correctly.

Use a WebRTC privacy extension such as WebRTC Network Limiter, set WebRTC to use the default public interface only, or launch Chromium with --force-webrtc-ip-handling-policy=disable_non_proxied_udp for automation workflows.

Open about:config, search for media.peerconnection.enabled, and set it to false. This disables WebRTC peer connections and prevents the browser from creating ICE candidates.

A WebRTC leak exposes IP information through browser peer-connection APIs. A DNS leak happens when domain lookups bypass your VPN or proxy and go to an unintended DNS resolver, often your ISP.

This site uses cookies to enhance your experience. By continuing, you agree to our use of cookies.