Spooky, isn’t it? I see the same thing when I visit certain websites. It’s not always about “sexy singles,” but they frequently nail me down to the Seattle area.
There are a couple of ways this can happen.
Become a Patron of Ask Leo! and go ad-free!
You told them
The most obvious is one we often overlook.
Ever register with a site? At a minimum, I’ll bet it required a city, state, or postal code. Well, you just told them where you are. That’s now information that the site (and possibly other sites operated by the same entity or entities) can use to customize your experience. That “customization” could include local news, weather, and yes, even advertising.
In most cases, all it takes is a postal code. If a site has that, and passes it on to other sites or advertising services, then it’s trivial for those sites and services to know – at least in general terms – where you are.
Your ISP told them
… it’s nearly impossible to determine the specific location of a computer based on only its IP address.
As I’ve discussed in many other articles, it’s nearly impossible to determine the specific location of a computer based only on its IP address. The publicly available information about IP addresses only resolves down to the ISP that assigned it. If you need to get more detailed, you need the ISP’s help – and typically they won’t help without legal requirements.
But even without the ISP’s help, you do have something: you have the location of the ISP.
In fact, that’s exactly how I get located when I’m at home. Even though I’m located well outside of Seattle, my ISP is based there. Hence, ads that use “geo-targeting” based on the IP address resolve to the greater Seattle area.
They can get it wrong, too. I’ve had several ISPs over the years in this same place, and location services have at various times reported that I’m in:
- Southern California
- Portland, Oregon
- Seattle
- Woodinville
Even the last one, which is indeed correct, narrows down my location only to somewhere within 18 square miles.
The most egregious are cases where they attempt to geo-target an AOL customer. Do a lookup on AOL’s IP range – it looks like every AOL customer lives in Manassas, Virginia, regardless of where they really are.
Google told them
I say Google, but in reality, this could apply to any service which includes geo-location information, and probably applies equally well to Apple, Microsoft, Facebook and others.
This information can be collected from known Wi-Fi hotspots and also from mobile devices that include GPS.
It should be no surprise that GPS-enabled devices have the ability to determine exactly where you are. That’s their point, after all. When the information from these devices is associated with your Google, Apple, Microsoft, or Facebook account, that information can be applied or correlated with your internet access using other devices – like your desktop computer.
That is shared anonymously with advertising networks, which show you ads that relate specifically to where you live.
So the bottom line is that advertisers can often (but not always) make a reasonably intelligent guess as to your general location. It’s nothing new, really, and certainly nothing to be concerned about.
very
useful leo
my best regards
very useful leo
i appreciate that
my best regards
Wow, that’s some scary stuff!
The fact that the word “cookie” and likely the word “Amazon.com” were’nt mentioned suggests to me that the author might well have done a bit more research before “answering” this baffling queston.
uhhh, cookies anyone? check out your cookie cache – you’ll see various ad engines set cookies. they only have to know you once to track you from there. it isn’t hard. Philip Greenspun wrote about this back in, oh, 1997 or so: http://philip.greenspun.com/panda/user-tracking (that page has since been updated).
So what’s your point Blake? You say other websites get to read the Amazon.com cookie? Since the web browsers submits the cookie only to the site it belongs too this can’t be happening (at least in a computer that hasn’t been hijacked by some sort of adware/malware)
And if you say Amazon.com is illegally selling private info to relate personal data and IP address how would this guys (Amazon.com) make sure every pal behind an IP is the same guy they recorded the info once when we all get different IPs assigned randomly when we reset our routers?
I agree with Balke. Very poorly researched article. Like someone with a few extra minutes in hand decided to write quickly about something he had very pedastrian knowledge to begin with.
Cookies,Cookies is real suspect!
I wonder if they may be using the same technique google uses to geo target users: First response to DNS query. Typing http://www.google.com in the address bar is translated to http://www.google.ca (canadian location) Geo position ad farms and the first response wins. Usually this means that the nearest to the user reponds with a local server address, and thus local versions of the ads.
Another thing to keep in mind is that often times they don’t know where you live. I noticed that banner ads on dictionary.com were targeting my location. When I deleted my cookies and went back it had a classmates.com add to find students from “West Springfield High School” or “Martin Luther King High School”. There just so happens to be a “West Springfield” high school in my area, but there are also 5 zillion West Springfields and Martin Luther Kings all over the US.
So sometimes they just guess with a common city name or something.
“I use spyware software religiously” That’s the reason…
Ok, Ok… I guess what he really meant was antispyware.
Okay, dumb comment people. His answer is accurate and the logical place to start. Once the adserver resolves a close approximation of your location this information can be included in a cookie. If the adserver is part of a network like Advertising.com or Revenue Science it can fine tune depending on the sites your frequent. So if this guy looks at the Baltimore Sun site and checks the local job postings the server can give the Baltimore location in the cookie another point. This will help validate the association. You can get a lot more sophisticated but starting from this base is all you need. No nefarious plots between Amazon.com and any other advertiser. Sheesh, take off your foil hats.
I think the article is right about it locating the ISP I got ads for nacogdoches, an unusual name, when
I just started using the computer there, there is no other way the could have done this besides the ip ranges. I might look for a good proxy server to see if it counters their technique, which it should.
Probably they are using a database with IP’s associated to regions/cities, you can find information about IP addresses too using http://www.ipgp.net
Whil using a proxy (e.g. hidemyass.com) you will get a defauly banner ad and not one labeling you city.
Case in point:
There is one of those “cam-whore” banner ads that show the model with a piece of paper says “I love “. Viewed through a proxy the same piece of paper says “I love my town”. Kinda cool!
explore this little geo address locator:
http://excathedra.net/Resource/Programming/GeoAddress.aspx
How about: http://www.ip-adress.com/
Using your IP information… pretty damn close I would say.
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Oh yeah, only *300 MILES* off for me.
Sorry, but these services are simple NOT reliable and RARELY lead people close
enough to you home for anything significant.
Leo
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFHargKCMEe9B/8oqERAjGwAJ9RlFUAqaVzM+dM5hTRr3fR1MWTegCfeMul
wOctEKl4p7HmgDTLz5eixdI=
=UkxJ
—–END PGP SIGNATURE—–
I don’t think anyone here really knows what they are talking about. When I go on a site for the first time, the ads mention the exact town where I live. My ISP is located over 500 miles from me so the ads are not locking onto my ISP, they know where I am. How is this possible? I saw similar on a chat room where a guests info would include their location and I used to freak people out by guessing correctly where they were, I did’t think about privacy at that time. There must be a way to block your info.
I don’t think anyone here really knows what they are talking about. When I go on a site for the first time, the ads mention the exact town where I live. My ISP is located over 500 miles from me so the ads are not locking onto my ISP, they know where I am. How is this possible? I saw similar on a chat room where a guests info would include their location and I used to freak people out by “guessing” correctly where they were, I did’t think about privacy at that time. There must be a way to block your info.
Hello,
A friend of mine who lives in France found out that someone was trying to access her Yahoo email. That person was using either webmail via browser or outlook or mail on telephone when she usually uses her account via the yahoo “secured” interface. To make a long story short, she kept getting a message from Yahoo telling her that an unauthorized connection was made using non secure methods and was therefore refused. The message also printed the culprit IP address.
She is in instance of divorce and the immediate suspicion was that her future-ex-husband was trying to access her private email (although she had now changed passwords and taken other security measures).
She sent me the IP address that was rejected. After a short research, it was very easy in fact to see that it came from a French phone-cable-TV provider, that it was the IP address from a set top box/router, and the town it was located in. Now that was an easy one since she has two boxes, one in her house and the other one in her store… and it appears to be the store’s IP address, store where her future-ex still works.
Now, had it been a phone or tablet IP address that was traveling around the world it would have been trickier as you know.
It all depends on which server the unit is connected and if it is via static IP or dynamic IP. However, you will always be able to get the location of the server the phone, tablet or computer is connected to. That can tell you a lot already. The thing is when someone uses a remote server to send email, let’s say Yahoo, the IP address you may be able to track is not Yahoo’s but that of the local ISP box that routed the message via smtp to the Yahoo servers. If I use a Verizon box to send email, even though I use Yahoo as a mail account, a routing will show the address from my box. You can get quite close that way.
Now if someone uses an internet café, a public computer or someone else’s wifi/ethernet, then all bets are off and it then becomes very complicated if not impossible to track everything…. Unless of course you involve law enforcement.
The point I am making is this: We cannot say it is impossible to track an IP address. It is possible in some very limited instances and if the person on the other end is not savvy enough to understand how the internet works.
Do I make any sense here?
In your friend’s case, it was possible to trace the source of the attempted hack because she has physical access to the router with that IP address. If a hack is serious enough for law enforcement to be involved, they can get the courts to allow them to get ahold of the ISP records and identify the source of the hack. In other words, it’s possible technically to identify the source of the hack, but there are legal obstacles.
We need better (and properly enforced) internet privacy laws.