IPv6 Leak Test

Check whether your IPv6 address is visible to websites even if you're behind a VPN.

Running tests…

Probing both an IPv4-only and dual-stack endpoint.

Probe Results

IPv4-only endpoint
pending…
Dual-stack endpoint
pending…
Server-observed request family

What the server saw when this page was requested.

IPv4

What is an IPv6 leak?

An IPv6 leak happens when your browser sends traffic over IPv6 while your VPN only tunnels IPv4. Sites that support IPv6 then see your real public IPv6 address — typically the /64 block your ISP assigned to your router — and every privacy guarantee the VPN promised is quietly broken.

Most leaks are silent. The VPN client shows "Connected", the kill switch is on, and the IPv4 address on every VPN dashboard looks right. Meanwhile a single IPv6-enabled request (the Google homepage, a Facebook pixel, a YouTube embed) exposes your origin address.

How this test works

  • 1.Your browser fetches api.ipify.org, an IPv4-only endpoint, so we capture the address your browser uses on the IPv4 stack.
  • 2.It fetches api64.ipify.org, a dual-stack endpoint that prefers IPv6 when available. If your browser reaches it over IPv6, we get your public IPv6 address back.
  • 3.If both come back with addresses and the second one is an IPv6, your browser is dual-stack reachable. Any VPN that only tunnels IPv4 is leaking.

How to fix an IPv6 leak

Use a VPN that supports IPv6 — Mullvad, IVPN, and ProtonVPN all tunnel IPv6 traffic or block it at the system level.
Disable IPv6 at the OS level — on macOS set IPv6 to "Link-local only" per interface; on Windows uncheck IPv6 in the adapter properties; on Linux set net.ipv6.conf.all.disable_ipv6=1.
Block IPv6 egress in your firewall — on macOS/Linux use pf or ip6tables; on routers with OpenWrt or pfSense drop all outbound IPv6 while your VPN is up.

Frequently Asked Questions

What is an IPv6 leak?

An IPv6 leak happens when your browser sends traffic over IPv6 while your VPN or proxy only tunnels IPv4. Websites that support IPv6 can then see your real public IPv6 address, bypassing the VPN entirely and linking your traffic back to your home or mobile connection.

How does this tool detect an IPv6 leak?

The tool makes two requests from your browser: one to an IPv4-only endpoint and one to a dual-stack endpoint that prefers IPv6 when available. If both return an address, and the second one is an IPv6 address, your browser is reachable on both stacks and any IPv4-only VPN is leaking IPv6.

Why is an IPv6 leak dangerous if I use a VPN?

Most consumer VPNs historically only carry IPv4 traffic. If your operating system has IPv6 enabled and your ISP offers native IPv6, every IPv6-capable website (Google, YouTube, Facebook, Netflix, Cloudflare) sees your real IPv6 address even while you think the VPN is protecting you. That address is often a /64 assigned to a single household.

How do I fix an IPv6 leak?

You have three options. First, pick a VPN that either tunnels IPv6 natively or blocks IPv6 traffic at the system level. Second, disable IPv6 in your operating system (Settings → Network on macOS, Adapter settings on Windows, or add `net.ipv6.conf.all.disable_ipv6=1` on Linux). Third, block IPv6 egress in your firewall. After any change, re-run this test to confirm the leak is gone.

Does the test mean my VPN is broken if both probes return an address?

Not necessarily. If both addresses are the same IPv4 address (your VPN exit node), the dual-stack probe simply fell back to IPv4 and there is no leak. A leak specifically means the dual-stack probe returned an IPv6 address. If you see two different IPv4 addresses, that is a different problem — usually split tunneling or a misconfigured proxy.

Why did both probes fail?

The most common reason is an aggressive content blocker or tracker blocker stopping the fetch call to the ipify endpoints. Other causes include a captive portal or a network that blocks outbound HTTPS to third-party IP-echo services. Try pausing blockers for this page and retry.

Is this test private?

Your IP is sent only to the public ipify endpoints (api.ipify.org and api64.ipify.org) that echo it back. Browser Inspector does not log, store, or share your IP. The test runs entirely in your browser.

More Tools

Full Browser Inspector

See all 80+ data points your browser exposes

What Is My IP?

Check your public IP, location, and ISP

What Is My Browser?

Detect your browser, version, OS, and device type

WebRTC Leak Test

Detect local and public IPs exposed by WebRTC, even behind a VPN

DNS Leak Test

See which resolver answers your queries and whether it bypasses your VPN

JavaScript Information

Inspect your JS engine, supported features, and runtime capabilities

Canvas Fingerprint

See the unique image your browser renders and how trackers use it

Geolocation API Test

Check what coordinates your browser exposes via the Geolocation API

TLS Client Test

Inspect your ClientHello, cipher suites, and JA3 fingerprint

Incognito / Private Mode Test

Detect whether your browser is in Incognito or Private Browsing mode

Further Reading

What Is Browser Fingerprinting?

Learn how sites track you without cookies

Browser Privacy Comparison

Chrome vs Firefox vs Safari vs Brave

Browser Privacy Tips

10 practical ways to harden your browser