VPN and Privacy Tools
Free diagnostic tools and related guides for checking VPN and Privacy issues in one place.
What should I check first for VPN and Privacy issues?
For VPN and Privacy issues, start with Check My IP Address to capture the current state, then use VPN & Privacy Check to narrow the cause. If the result is unclear, read the related guide and open the next tool before changing settings.
Recommended Check Order
Open the tools in this order to narrow the issue before you change DNS, email, security, privacy, or network settings.
Check the current state: Check My IP Address
Instantly check your public IPv4/IPv6 address, ISP, and approximate location.
Narrow the cause: VPN & Privacy Check
Combines WebRTC leak, DNS leak, and IP analysis to verify whether your VPN is actually protecting your privacy.
Cross-check the result: DNS Leak Test
Check whether DNS requests are leaking outside expected network paths.
Common Symptoms
Common problem patterns grouped by tool. If a symptom matches, start with that check.
IPv6 is available, but the current connection shows IPv4.
Check whether the target site returned AAAA records and whether browser, VPN, or ISP policy sent this request over IPv4.
Compare DNS leak and WebRTC signals to see whether the same public address is exposed elsewhere.
The IP changed, but the VPN score is still low.
An IP change alone is not enough. DNS, WebRTC, and fingerprint signals may still expose the old network.
Check DNS leak and WebRTC candidate addresses, then review browser fingerprint signals.
ISP DNS appears while a VPN is active.
Check VPN DNS protection, operating system DNS, and browser Secure DNS settings.
Enable forced VPN DNS if available, then repeat DNS leak and VPN checks in the same browser.
Browser or device values do not match what you expected.
Private mode, extensions, browser permissions, and User-Agent reduction can change visible values.
Compare browser info with fingerprint signals to separate real environment differences from privacy protections.
Browser or device values do not match what you expected.
Private mode, extensions, browser permissions, and User-Agent reduction can change visible values.
Compare browser info with fingerprint signals to separate real environment differences from privacy protections.
The result does not match expectations.
Confirm that the input, network, browser conditions, and cache state match the previous test.
Cross-check the same target with related tools and retest after changing one condition at a time.
Which tool should I open first?
Use this matrix to match the symptom to the right tool, the signal to check, and the next action.
Check My IP Address
Instantly check your public IPv4/IPv6 address, ISP, and approximate location.
Use the Check My IP Address result to narrow VPN and Privacy issues.
After reviewing the result, cross-check it with a related tool or guide.
VPN & Privacy Check
Combines WebRTC leak, DNS leak, and IP analysis to verify whether your VPN is actually protecting your privacy.
Use the VPN & Privacy Check result to narrow VPN and Privacy issues.
After reviewing the result, cross-check it with a related tool or guide.
DNS Leak Test
Check whether DNS requests are leaking outside expected network paths.
Use the DNS Leak Test result to narrow VPN and Privacy issues.
After reviewing the result, cross-check it with a related tool or guide.
WebRTC Leak Test
Check whether WebRTC exposes network addresses and potential leak risk.
Use the WebRTC Leak Test result to narrow VPN and Privacy issues.
After reviewing the result, cross-check it with a related tool or guide.
Digital Fingerprint
Review browser fingerprint surfaces such as Canvas and WebGL.
Use the Digital Fingerprint result to narrow VPN and Privacy issues.
After reviewing the result, cross-check it with a related tool or guide.
User-Agent Checker
Check the current browser User-Agent string and parse browser, rendering engine, operating system, device type, language, and Client Hints.
Use the User-Agent Checker result to narrow VPN and Privacy issues.
After reviewing the result, cross-check it with a related tool or guide.
How To Choose The Right Tool
Why Your IP Location Looks Wrong
IP location is an estimate based on network ownership, VPN exits, cloud routing, proxies, and GeoIP databases, not GPS. When the city or country looks wrong, separate a privacy leak from database lag, browser location permission, and account-location signals.
WebRTC Leak Test
Check whether WebRTC exposes network addresses and potential leak risk.
Frequently Asked Questions
VPN and Privacy: what should I check first?
For VPN and Privacy issues, start with Check My IP Address to capture the current state, then use VPN & Privacy Check to narrow the cause. If the result is unclear, read the related guide and open the next tool before changing settings.
Which tools should I run first?
Run Check My IP Address, VPN & Privacy Check, DNS Leak Test in that order to separate current state, likely cause, and cross-check signals.
What should I read if the result is unclear?
If the result is unclear, open Why Your IP Location Looks Wrong and review the same problem as a checklist.
Tools To Run
Check My IP Address
Instantly check your public IPv4/IPv6 address, ISP, and approximate location.
VPN & Privacy Check
Combines WebRTC leak, DNS leak, and IP analysis to verify whether your VPN is actually protecting your privacy.
DNS Leak Test
Check whether DNS requests are leaking outside expected network paths.
WebRTC Leak Test
Check whether WebRTC exposes network addresses and potential leak risk.
Digital Fingerprint
Review browser fingerprint surfaces such as Canvas and WebGL.
User-Agent Checker
Check the current browser User-Agent string and parse browser, rendering engine, operating system, device type, language, and Client Hints.
Browser Info
Inspect browser name, version, language, and User-Agent details.
OS Info
Check operating system platform, version hints, and architecture signals.
Screen Info
View resolution, available viewport size, color depth, and pixel ratio.
Device Info
Detect device type, touch capability, orientation, and connection hints.
Time & Zone
Show local time, timezone, UTC offset, and locale detected by the browser.
Geolocation
Verify geolocation permission status and coordinate accuracy.
Cookie Info
Check whether cookies, local storage, and session storage are enabled.
JS Info
Test JavaScript runtime and related browser capability signals.
Referrer Info
Inspect referrer URL and session entry path.
Guides To Read
Why Your IP Location Looks Wrong
IP location is an estimate based on network ownership, VPN exits, cloud routing, proxies, and GeoIP databases, not GPS. When the city or country looks wrong, separate a privacy leak from database lag, browser location permission, and account-location signals.
Why VPN Location and IP Location Do Not Match
VPN location can look wrong because of GeoIP database lag, VPN exit routing, DNS resolver location, browser location permissions, cookies, or account-location signals. A mismatched map result alone does not prove a privacy leak.
Why Your IP Does Not Change After Turning On a VPN
If your visible IP stays the same after enabling a VPN, the cause may be a disconnected tunnel, split tunneling, WebRTC exposure, DNS bypass, IPv6 bypass, or a VPN exit that is too close to your normal location. Compare IP, DNS, and WebRTC signals together before deciding whether the VPN is working.
VPN Connected but No Internet: Causes and Fixes
A VPN can show connected while the actual internet route is broken. Kill switch state, DNS, split tunneling, IPv6, proxy settings, VPN server health, and corporate network policy should be separated.
Wi-Fi Connected but No Internet: Causes and Fixes
“Wi-Fi connected but no internet” means the device joined the wireless network but still cannot reach the internet. Router state, DNS, ISP outage, captive portal login, VPN, IPv6, proxy, and local cache should be separated.
Public Wi-Fi Login Page Not Opening: Causes and Fixes
When a public Wi-Fi login page does not open, the device may be connected to the network but not yet authorized for internet access. HTTPS redirects, DNS, browser cache, VPN, proxy, cookies, and captive portal detection should be checked.
Mobile Data Not Working: Causes and Fixes
Mobile data failures can come from carrier signal, plan limits, APN settings, DNS, IPv6, VPN, tethering mode, or browser cache. Separate Wi-Fi from cellular and compare current IP, DNS, and route behavior.
ERR_NETWORK_CHANGED: Causes and Fixes
ERR_NETWORK_CHANGED appears when the browser detects that the network path changed while a page was loading. Wi-Fi switching, VPN connect or disconnect events, proxies, IPv4/IPv6 route changes, DNS resolver changes, and unstable routers can all trigger it.
ERR_INTERNET_DISCONNECTED: Causes and Fixes
ERR_INTERNET_DISCONNECTED appears when the browser cannot find a usable path to the internet. Device networking, router state, ISP outages, VPN kill switches, proxies, and DNS failures should be separated before treating it as a website outage.
ERR_ADDRESS_UNREACHABLE: Causes and Fixes
ERR_ADDRESS_UNREACHABLE appears when the browser cannot reach the target IP address or network route. Local routing, wrong IPs, VPN or proxy paths, routers, CGNAT, IPv6 behavior, and firewalls should be checked before treating the site as down.
ERR_TUNNEL_CONNECTION_FAILED: Causes and Fixes
ERR_TUNNEL_CONNECTION_FAILED appears when the browser cannot create an HTTPS tunnel through a proxy or VPN path. Wrong proxy addresses, failed authentication, corporate blocking, split tunneling, DNS handling, and HTTPS inspection certificates should be checked together.
ERR_PROXY_CONNECTION_FAILED: Causes and Fixes
ERR_PROXY_CONNECTION_FAILED appears when the browser cannot reach a site through the configured proxy. Wrong proxy addresses, PAC files, authentication failures, VPN policy, corporate security gateways, DNS, and HTTPS tunnel failures should be separated.
ERR_BLOCKED_BY_CLIENT: Causes and Fixes
ERR_BLOCKED_BY_CLIENT usually means the request was blocked by the browser, an extension, a content blocker, security software, or privacy settings rather than by the origin server. Images, scripts, analytics files, CDN paths, and filename patterns should be checked separately.
VPN Privacy, DNS Leaks, and WebRTC Leaks
Turning on a VPN does not automatically hide every signal. DNS resolvers, WebRTC candidate addresses, and browser fingerprints can still reveal more than users expect, so privacy checks need to look beyond the public IP alone.
VPN Leak Check and Fix Guide
A VPN can change the public IP while DNS, WebRTC, browser fingerprint, cookies, or account location still expose the real network. Separate each signal instead of trusting a single IP result.
DNS Leak Troubleshooting
A DNS leak happens when domain lookups leave the VPN or intended resolver path. IP, DNS, and WebRTC results should be compared together to understand the real privacy exposure.
WebRTC IP Leak While Using a VPN
WebRTC is a browser real-time communication feature. During candidate discovery, it can expose network-address clues that do not match the VPN exit. A changed VPN IP is not enough; WebRTC and DNS signals should be checked separately.
DNS over HTTPS Looks Like a VPN DNS Leak
DNS over HTTPS lets a browser or operating system send DNS queries through HTTPS. If a browser DoH resolver is active while a VPN expects to use its own DNS path, DNS leak test results can look different from the VPN exit IP.
Browser Fingerprints and Tracking Signals
Browsers expose identity through user agent, screen size, language, time zone, fonts, GPU, and canvas traits. Combined together, those signals can stay highly unique.
SameSite cookie not sent: causes and fixes
A login or session cookie can disappear from a request when SameSite, cross-site navigation, iframes, redirects, fetch credentials, and CORS credentials do not line up. Confirm whether the browser sent the cookie before blaming the backend session.
Secure cookie not set or not sent: causes
Secure cookies are stored and sent only over HTTPS. HTTP callbacks, proxy HTTPS detection bugs, redirects, mixed content, HSTS, and certificate problems can make a login session appear to vanish.
Third-party cookies blocked: what breaks and how to fix it
When browsers block third-party cookies, iframe login, embedded widgets, payments, analytics, attribution, and SSO can fail. The durable fix is often a first-party flow, Storage Access, or server-side session exchange rather than forcing the old cookie model.
Cookies disabled and session lost: causes and fixes
If cookies are disabled or blocked by private mode, tracking protection, or security extensions, login, carts, language settings, and CSRF protection may reset. Separate storage failure from request-sending failure.
Geolocation permission denied: causes and fixes
Geolocation permission can be denied by the user, insecure HTTP, iframe permission policy, OS location settings, browser privacy controls, or a previous block decision. Browser geolocation and IP location are different signals.
JavaScript disabled or blocked: why a site stops working
Buttons, login, forms, calculators, and API calls can stop when JavaScript is disabled or blocked by extensions, CSP, mixed content, wrong MIME type, or failed script responses. Separate disabled JavaScript from script load failure.
Public IP vs Private IP: What Is the Difference?
A public IP is the address visible on the internet, while a private IP is used inside a router, home network, or office network. Understanding the difference helps explain VPN behavior, shared Wi-Fi, port forwarding, and why a device IP may not match what websites see.
Why Your IP Address Keeps Changing
A public IP can change because of ISP DHCP leases, router restarts, mobile-network movement, VPN server changes, CGNAT, or IPv4/IPv6 path changes. Understanding the cause helps interpret login alerts, access restrictions, port forwarding, and remote access issues.
Why IPv6 Is Not Detected
IPv6 may be absent because of ISP support, router mode, operating system settings, VPN policy, DNS answers, or server readiness. A working IPv4 connection does not prove IPv6 is available or being used.
IPv4 vs IPv6 Current Connection
A device can have both IPv4 and IPv6 available while the current web request still uses only one address family. Reading the Current badge separately from available addresses helps diagnose VPNs, ISP routing, DNS answers, and server IPv6 readiness.
FAQ
VPN and Privacy: what should I check first?
Which tools should I run first?
What should I read if the result is unclear?
Data Handling & Privacy
ipnawa is a diagnostics service. Inputs are used to produce results and are not intended for account-based profiling.
- Server-side tools (WHOIS, SSL, DNS, header checks) send your input domain/IP to our server for lookup.
- Browser-side tools (fingerprint, cookies, JavaScript) run primarily in your browser when supported.
- Standard web/server security logs may include IP address, timestamp, and User-Agent.
- Some checks call external providers such as ipinfo.io and bigdatacloud.net.
- Ads and non-essential cookies are loaded only after your consent choice.
External Processors
- ipinfo.io (IP/ASN/location lookups)
- bigdatacloud.net (reverse geocoding)
- Advertising partners (only after ad-consent acceptance)
You can review or change cookie/ad consent at any time.