How do websites find your IP even through a VPN?

How?

You turned on a VPN and you think you're hidden. But the website loads a script from Google (something like fonts.googleapis.com), and that script makes a direct request, bypassing the VPN, via WebRTC or a DNS leak.

navigator.mediaDevices.getUserMedia({
  video: true,
  audio: true
})
.then(() => {
  // If the user allowed access, the attacker already has information about your device
});


And via WebRTC:


var pc = new RTCPeerConnection({iceServers:[]});
pc.createDataChannel("");
pc.createOffer().then(offer => pc.setLocalDescription(offer));
pc.onicecandidate = event => {
  if (event && event.candidate) {
    console.log(event.candidate.candidate); // This could be your real IP
  }
};


What this means: even with a VPN, you can be exposed through the browser. And you won't even know it happened.
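
A self-check for the WebRTC leak described above (an added example, not code from the original post): it parses ICE candidate strings like the ones the snippet logs and flags any public address that is not your VPN exit IP. The function names, the sample candidate lines and the exit address 198.51.100.20 are constructed for illustration.

```javascript
// Added example: classify WebRTC ICE candidate lines to spot addresses a VPN did not hide.
// All sample values below are constructed (documentation IP ranges).

function parseCandidate(line) {
  // Layout: candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type> ...
  const parts = line.trim().replace(/^a=/, "").split(/\s+/);
  if (parts.length < 8 || !parts[0].startsWith("candidate:") || parts[6] !== "typ") {
    return null; // not a well-formed candidate line
  }
  return { transport: parts[2].toLowerCase(), address: parts[4], port: Number(parts[5]), type: parts[7] };
}

function classifyAddress(addr) {
  const a = addr.toLowerCase();
  if (a.endsWith(".local")) return "mdns"; // browser-obfuscated host candidate
  if (a.includes(":")) {
    // IPv6: loopback, link-local (fe80::/10) and unique-local (fc00::/7) are not routable
    if (/^(::1$|fe[89ab]|f[cd])/.test(a)) return "private";
    return "public";
  }
  if (!/^\d{1,3}(\.\d{1,3}){3}$/.test(a)) return "unknown";
  const o = a.split(".").map(Number);
  if (o.some(n => n > 255)) return "unknown";
  if (o[0] === 10 || o[0] === 127) return "private";
  if (o[0] === 172 && o[1] >= 16 && o[1] <= 31) return "private";
  if (o[0] === 192 && o[1] === 168) return "private";
  if (o[0] === 169 && o[1] === 254) return "private";
  if (o[0] === 100 && o[1] >= 64 && o[1] <= 127) return "private"; // carrier-grade NAT
  return "public";
}

// Returns the parsed candidates whose public address differs from the VPN exit address.
function findLeaks(lines, vpnExitIp) {
  return lines.map(parseCandidate)
    .filter(c => c && classifyAddress(c.address) === "public" && c.address !== vpnExitIp);
}

const sampleCandidates = [
  "candidate:1 1 udp 2113937151 3f2a9c1e-7b4d-4e0a-9c55-1d2e3f4a5b6c.local 54321 typ host",
  "candidate:2 1 udp 2113937151 192.168.1.23 54321 typ host",
  "candidate:3 1 udp 1677729535 203.0.113.7 54321 typ srflx raddr 0.0.0.0 rport 0",
  "candidate:4 1 udp 1677729535 198.51.100.20 54322 typ srflx raddr 0.0.0.0 rport 0",
];

// 198.51.100.20 stands in for the VPN exit IP; only 203.0.113.7 is reported as a leak.
console.log(findLeaks(sampleCandidates, "198.51.100.20"));
```

If the list comes back empty for the candidates your own browser produces, WebRTC is not exposing a public address outside the tunnel; a private (LAN) address in the candidates still reveals local network details.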