Open in app

Sign in

Write

Sign in

Browser Fingerprints 101: Geolocation

BrowserScan
4 min readNov 20, 2023

Websites nowadays require accurate user geolocation information to provide personalized services and enhance user experience. This includes tailor-made localized content, local weather forecasts, and nearby promotional offers. By understanding the user’s geographical location, websites can better meet their needs by offering targeted information and services.

As technology advances, websites adopt various methods to acquire user geolocation information. These techniques include IP address geolocation, browser geolocation API, Wi-Fi signals, and mobile network geolocation. Each method has its advantages and limitations, and websites typically choose the most suitable technique based on their requirements and privacy considerations.

This article will delve into the principles behind these techniques, explain how websites utilize them to obtain user geolocation, and discuss how users can safeguard their privacy while enjoying personalized services.

How Websites Know Your Geolocation

IP Address

#1 Gathering the IP Address

When a user enters a website’s URL and requests access, their device sends a request to the website server containing their IP address. The website server receives the request and records the user’s IP address. This is the foundational step upon which subsequent geolocation determination is based.

We all know that both IPv4 and IPv6 addresses consist of a combination of numbers and letters. It is not possible to directly determine the location just by looking at the IP address alone. For example, do you know where the IP address 103.64.99.207 is located?

#2 Mapping the IP Address to Geolocation

This requires the assistance of an IP database, which stores a vast amount of IP addresses mapped to corresponding geolocation information such as country, region, and city.

The website submits the user’s IP address to the IP database for a query. Currently, most IP databases can provide city-level geolocation information. BrowserScan’s IP address lookup tool includes popular IP databases like IP2Location, IPdata, and BrightData, etc. By inputting an IP address, you can query the location associated with that IP address in each database.

Geolocation API

However, due to the use of VPNs and proxy servers, some websites find IP address-based geolocation inadequate for accurately determining user location. Based on principles of user account security, fraud prevention, and platform fairness, websites need to combine other technologies for more precise user geolocation. This is where the Geolocation API provided by HTML5 serves as a foundational technology.

The Geolocation API is a set of JavaScript interfaces within browsers that allow developers to retrieve the geographical location information of a user’s device. Most browsers, such as Chrome, Firefox, and Safari, support this API.

How Websites Use Geolocation API

Step 1: Request User Authorization

Websites use JavaScript code to request user authorization to access their geolocation information. At this point, the browser displays an authorization prompt, and the user decides whether to grant the website access to their location.

Step 2: Retrieve Geolocation Information

Once the user grants authorization, the website invokes the Geolocation API’s appropriate methods to obtain the user’s geolocation. The Geolocation API attempts to gather location data from various sources, including GPS, Wi-Fi, Bluetooth, and other positioning methods. Geolocation data obtained through these methods is often more accurate.

For websites, users may access the site via VPN or proxies. If users inadvertently leak their IP address through other means, websites can cross-reference the geolocation information obtained from multiple sources or IP addresses.

We previously wrote an article on how WebRTC can leak users’ real IP addresses (you can learn more if you’re interested). Even if a user is using a VPN, there is still a possibility of revealing their real IP address. For example, if a user’s real IP address is located in New York, USA, but they access a website with an IP address in Berlin, Germany, the website may compare various technologies to determine the discrepancy in the user’s geolocation. This may result in corresponding actions, such as login restrictions or account suspensions.

You can use BrowserScan to view your geolocation through the Geolocation API, but only after granting authorization will BrowserScan enable this functionality.

How to Prevent It

Unfortunately, as long as you are connected to the Internet, you need an IP address, and websites can use IP databases to lookup your geolocation based on your IP address.

However, please don’t be discouraged. You still have ways to protect your privacy. Whenever you use VPN tools and proxy services, make sure to check if your real IP address is leaked. When using BrowserScan, verify if your IP address matches the IP address obtained through WebRTC, or you can choose to disable WebRTC function in your browser.

We have written a series of articles focused on browser fingerprinting for you. These articles are tailored to provide you with an array of resources, aimed at helping you gain a deeper understanding of browser fingerprinting.

  1. Browser Fingerprinting Guide for Beginners
  2. IP Address
  3. UserAgent
  4. WebRTC Leak
  5. Canvas Fingerprinting
  6. Do Not Track
  7. WebGL Fingerprinting
  8. Geolocation
  9. Language
  10. Media Device & Audio
  11. Client Rects & Font
  12. Port Scanning
  13. Automation Detection
Browser Fingerprinting
Geolocation
Websites For Startups
IP

--

--

BrowserScan

Written by BrowserScan

5 Followers

Am I 100% anonymous? Check your browser fingerprints and IP address to find how your online identity looks👉 www.browserscan.net

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams