What Is a WebRTC Leak?

WebRTC is a browser technology used for real-time calls, video chat, screen sharing, and peer-to-peer connections. To connect two devices, the browser may gather ICE candidates that describe possible network paths.

Those candidates can include local network addresses, relay addresses, or public addresses discovered through STUN servers.

The classic WebRTC leak happens when a user is connected through a VPN or proxy, but WebRTC reveals the user's real ISP public IP or local private IP outside that tunnel.

Modern browsers have reduced this risk by masking many local addresses, but behavior still varies by browser, operating system, and network configuration.

Mobile carriers commonly use CGNAT, separate TCP and UDP paths, IPv6 transition systems, and regional gateways. A WebRTC STUN probe may return a different public IP from the HTTP request even when there is no VPN or proxy.

For that reason, MyIPRisk treats an alternate public WebRTC endpoint as informational unless it clearly indicates a proxy or VPN bypass. The value is useful context, not proof of exposure by itself.

You should investigate if you are using a VPN and WebRTC shows a public IP that belongs to your physical ISP, workplace, or mobile carrier instead of the VPN provider.

You should also investigate if private local addresses are exposed and your threat model requires reducing browser fingerprinting or local network visibility.