Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How Do Those Ads Know Where I Live?

Question: I live in Baltimore. When I go to a website,  the content will often say things like, “Find sexy singles in Baltimore,” and stuff like that. I use spyware software religiously. So, how do they know where I live? And how do I get rid of it? These aren’t local websites that I’m visiting by the way.

Spooky, isn’t it? I see the same thing when I visit certain websites. It’s not always about “sexy singles,” but they frequently nail me down to the Seattle area.

There are a couple of ways this can happen.

Become a Patron of Ask Leo! and go ad-free!

You told them

The most obvious is one we often overlook.

Ever register with a site? At a minimum, I’ll bet it required a city, state, or postal code. Well, you just told them where you are. That’s now information that the site (and possibly other sites operated by the same entity or entities) can use to customize your experience. That “customization” could include local news, weather, and yes, even advertising.

In most cases, all it takes is a postal code. If a site has that, and passes it on to other sites or advertising services, then it’s trivial for those sites and services to know – at least in general terms – where you are.

Your ISP told them


… it’s nearly impossible to determine the specific location of a computer based on only its IP address.
 It’s spooky to visit a site for the first time and up pop those ads for your city.

As I’ve discussed in many other articles, it’s nearly impossible to determine the specific location of a computer based only on its IP address. The publicly available information about IP addresses only resolves down to the ISP that assigned it. If you need to get more detailed, you need the ISP’s help – and typically they won’t help without legal requirements.

But even without the ISP’s help, you do have something: you have the location of the ISP.

In fact, that’s exactly how I get located when I’m at home. Even though I’m located well outside of Seattle, my ISP is based there. Hence, ads that use “geo-targeting” based on the IP address resolve to the greater Seattle area.

They can get it wrong, too. I’ve had several ISPs over the years in this same place, and location services have at various times reported that I’m in:

  • Southern California
  • Portland, Oregon
  • Seattle
  • Woodinville

Even the last one, which is indeed correct, narrows down my location only to somewhere within 18 square miles.

The most egregious are cases where they attempt to geo-target an AOL customer. Do a lookup on AOL’s IP range – it looks like every AOL customer lives in Manassas, Virginia, regardless of where they really are.

You Are HereGoogle told them

I say Google, but in reality, this could apply to any service which includes geo-location information, and probably applies equally well to Apple, Microsoft, Facebook and others.

This information can be collected from known Wi-Fi hotspots and also from mobile devices that include GPS.

It should be no surprise that GPS-enabled devices have the ability to determine exactly where you are. That’s their point, after all. When the information from these devices is associated with your Google, Apple, Microsoft, or Facebook account, that information can be applied or correlated with your internet access using other devices – like your desktop computer.

That is shared anonymously with advertising networks, which show you ads that relate specifically to where you live.

So the bottom line is that advertisers can often (but not always) make a reasonably intelligent guess as to your general location. It’s nothing new, really, and certainly nothing to be concerned about.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

23 comments on “How Do Those Ads Know Where I Live?”

  1. The fact that the word “cookie” and likely the word “Amazon.com” were’nt mentioned suggests to me that the author might well have done a bit more research before “answering” this baffling queston.

    Reply
  2. So what’s your point Blake? You say other websites get to read the Amazon.com cookie? Since the web browsers submits the cookie only to the site it belongs too this can’t be happening (at least in a computer that hasn’t been hijacked by some sort of adware/malware)

    And if you say Amazon.com is illegally selling private info to relate personal data and IP address how would this guys (Amazon.com) make sure every pal behind an IP is the same guy they recorded the info once when we all get different IPs assigned randomly when we reset our routers?

    Reply
  3. I agree with Balke. Very poorly researched article. Like someone with a few extra minutes in hand decided to write quickly about something he had very pedastrian knowledge to begin with.

    Reply
  4. I wonder if they may be using the same technique google uses to geo target users: First response to DNS query. Typing http://www.google.com in the address bar is translated to http://www.google.ca (canadian location) Geo position ad farms and the first response wins. Usually this means that the nearest to the user reponds with a local server address, and thus local versions of the ads.

    Reply
  5. Another thing to keep in mind is that often times they don’t know where you live. I noticed that banner ads on dictionary.com were targeting my location. When I deleted my cookies and went back it had a classmates.com add to find students from “West Springfield High School” or “Martin Luther King High School”. There just so happens to be a “West Springfield” high school in my area, but there are also 5 zillion West Springfields and Martin Luther Kings all over the US.

    So sometimes they just guess with a common city name or something.

    Reply
  6. Okay, dumb comment people. His answer is accurate and the logical place to start. Once the adserver resolves a close approximation of your location this information can be included in a cookie. If the adserver is part of a network like Advertising.com or Revenue Science it can fine tune depending on the sites your frequent. So if this guy looks at the Baltimore Sun site and checks the local job postings the server can give the Baltimore location in the cookie another point. This will help validate the association. You can get a lot more sophisticated but starting from this base is all you need. No nefarious plots between Amazon.com and any other advertiser. Sheesh, take off your foil hats.

    Reply
  7. I think the article is right about it locating the ISP I got ads for nacogdoches, an unusual name, when
    I just started using the computer there, there is no other way the could have done this besides the ip ranges. I might look for a good proxy server to see if it counters their technique, which it should.

    Reply
  8. Whil using a proxy (e.g. hidemyass.com) you will get a defauly banner ad and not one labeling you city.

    Case in point:
    There is one of those “cam-whore” banner ads that show the model with a piece of paper says “I love “. Viewed through a proxy the same piece of paper says “I love my town”. Kinda cool!

    Reply
  9. —–BEGIN PGP SIGNED MESSAGE—–
    Hash: SHA1

    Oh yeah, only *300 MILES* off for me.

    Sorry, but these services are simple NOT reliable and RARELY lead people close
    enough to you home for anything significant.

    Leo

    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v1.4.7 (MingW32)

    iD8DBQFHargKCMEe9B/8oqERAjGwAJ9RlFUAqaVzM+dM5hTRr3fR1MWTegCfeMul
    wOctEKl4p7HmgDTLz5eixdI=
    =UkxJ
    —–END PGP SIGNATURE—–

    Reply
  10. I don’t think anyone here really knows what they are talking about. When I go on a site for the first time, the ads mention the exact town where I live. My ISP is located over 500 miles from me so the ads are not locking onto my ISP, they know where I am. How is this possible? I saw similar on a chat room where a guests info would include their location and I used to freak people out by guessing correctly where they were, I did’t think about privacy at that time. There must be a way to block your info.

    Reply
  11. I don’t think anyone here really knows what they are talking about. When I go on a site for the first time, the ads mention the exact town where I live. My ISP is located over 500 miles from me so the ads are not locking onto my ISP, they know where I am. How is this possible? I saw similar on a chat room where a guests info would include their location and I used to freak people out by “guessing” correctly where they were, I did’t think about privacy at that time. There must be a way to block your info.

    Reply
  12. Hello,

    A friend of mine who lives in France found out that someone was trying to access her Yahoo email. That person was using either webmail via browser or outlook or mail on telephone when she usually uses her account via the yahoo “secured” interface. To make a long story short, she kept getting a message from Yahoo telling her that an unauthorized connection was made using non secure methods and was therefore refused. The message also printed the culprit IP address.
    She is in instance of divorce and the immediate suspicion was that her future-ex-husband was trying to access her private email (although she had now changed passwords and taken other security measures).
    She sent me the IP address that was rejected. After a short research, it was very easy in fact to see that it came from a French phone-cable-TV provider, that it was the IP address from a set top box/router, and the town it was located in. Now that was an easy one since she has two boxes, one in her house and the other one in her store… and it appears to be the store’s IP address, store where her future-ex still works.
    Now, had it been a phone or tablet IP address that was traveling around the world it would have been trickier as you know.
    It all depends on which server the unit is connected and if it is via static IP or dynamic IP. However, you will always be able to get the location of the server the phone, tablet or computer is connected to. That can tell you a lot already. The thing is when someone uses a remote server to send email, let’s say Yahoo, the IP address you may be able to track is not Yahoo’s but that of the local ISP box that routed the message via smtp to the Yahoo servers. If I use a Verizon box to send email, even though I use Yahoo as a mail account, a routing will show the address from my box. You can get quite close that way.
    Now if someone uses an internet café, a public computer or someone else’s wifi/ethernet, then all bets are off and it then becomes very complicated if not impossible to track everything…. Unless of course you involve law enforcement.
    The point I am making is this: We cannot say it is impossible to track an IP address. It is possible in some very limited instances and if the person on the other end is not savvy enough to understand how the internet works.
    Do I make any sense here?

    Reply
    • In your friend’s case, it was possible to trace the source of the attempted hack because she has physical access to the router with that IP address. If a hack is serious enough for law enforcement to be involved, they can get the courts to allow them to get ahold of the ISP records and identify the source of the hack. In other words, it’s possible technically to identify the source of the hack, but there are legal obstacles.

      Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.