← field notes

How the Internet Guesses Where You Are

you open a website you have never visited, and somehow it already knows. the prices are in the local currency, the language is right, a banner says looks like you are in singapore and offers the local version of everything. it feels like the site reached out and touched the front door. but nobody told that website anything. there was no address book to look someone up in. it made a fast, confident guess from a map that is mostly educated assumptions stitched together, and that map, the one quietly deciding what country the whole internet thinks a person lives in, is wrong more often than anyone admits.

this is how the internet figures out where someone is from nothing but a number, why it works, and why it fails in ways that matter.

there is no map inside the number

start with what a person actually notices. local prices, the right language, a weather widget, an advert for a shop down the road. all of it flows from one thing, the network address a device is handed when it connects. websites read that number and translate it into a place, and the result is usually close enough that nobody questions it.

but the number itself contains no location at all. it never did. people picture a network address like a postal address, with a country and a city baked in somewhere. it has neither. it is just an identifier, a label so traffic can find its way back, the way a phone number does not say which room of the house someone stands in.

so every time a site greets someone by their city, something behind the scenes has matched that bare number against a separate map, built and maintained by someone else, that claims this range of numbers tends to sit over here. the whole illusion rests on that external map being right. and the map is a guess made of several weaker guesses.

how the map is built

the first and most solid source is registration data. the big blocks of network addresses are formally handed out to internet providers, companies and universities, and that ownership is public record. anyone can look up which provider controls a block and where it is based, yielding a rough country, sometimes a region. but it is coarse. a single provider might serve an entire nation from one registration, so it gives the country and not whether the user sits in the capital or a village five hundred kilometers away. registration is the skeleton of the map, accurate at the large scale and useless at the small one.

to sharpen the picture, mapmakers gather the clues services quietly volunteer over time. a provider often names its equipment after the city it sits in, or publishes routing details that hint at geography. some apps, with permission, report a real location once and tie it loosely to a network address, which feeds back into the maps. these breadcrumbs let the map descend from country toward city. but every one is a soft signal. a label can be stale, a hint can be copied from somewhere else, and any of a thousand little assumptions can quietly be out of date.

the third source is the cleverest and the most physical. it is possible to measure roughly where an address sits by timing how long signals take to reach it from many known points around the world. light and electricity move fast but not instantly, so a number that answers quickly from one city and slowly from another is probably nearer the first. by triangulating these timings, mapmakers can place an address without anyone telling them where it is. it is impressive, but an estimate with error bars, easily thrown off by the strange paths data takes through the network, paths that often have nothing to do with straight line distance.

a probability, not a fact

step back and see what geolocation really is. not the lookup of a known fact but a confidence weighted blend of registration records, volunteered hints and physical measurement, combined into a best guess with a probability attached. the better services even state how sure they are, high confidence for the country and much lower for the city. the precise looking number that names a neighborhood is, underneath, a bet, right often enough to be useful and wrong often enough to hurt anyone who treats it as gospel.

where the map fails

the failures are not rare edge cases, they are everywhere. a large company might route all of its offices, in dozens of countries, through one central exit, so everyone appears to be in a single city that none of them live in. mobile networks are worse. a phone’s traffic often surfaces through a gateway far from the actual handset, so the map places the user in a different region entirely. and across much of the internet many users now share a small pool of addresses through a translation layer, which smears their locations into one ambiguous point. in these cases the map is not slightly off. it is confidently, specifically wrong, and it has no way to know it.

there is one more reason it is shakier than it looks, and it is simply time. address blocks are not handed out once and frozen forever. they get traded, leased, reassigned and moved between providers and even between countries as supply runs tight. a block that sat in one city last year might be serving a completely different region today, under a new owner who never told the mapmakers. so it is not just an estimate, it is one constantly going stale at the edges. the databases are forever chasing the changes, re measuring and re registering, because an unattended map quietly rots into being wrong. the location shown is only ever as fresh as the last time someone bothered to check.

why a proxy changes it instantly

this is also why routing traffic through a proxy or a private network tunnel changes an apparent location so easily. the site is not detecting where a person physically is. it is reading the address the traffic arrives from and looking that up on the map. route the traffic through a machine in another country and the site reads that machine’s address instead, finds it on the map, and concludes the user is wherever that machine sits. the geography was never measured directly, it was inferred from the address, so changing the address changes the answer. this is why location based blocking is so leaky. it is guarding a guess.

who leans on it, and what breaks

streaming services use this shaky map to decide what is allowed to play, shops to set prices and currencies, banks and platforms to judge whether a login looks suspicious. and when it is wrong, real people pay. someone travelling gets locked out of their own account because the map says they are somewhere implausible. a customer is shown the wrong currency and overcharged. an innocent person is flagged because their mobile traffic surfaced in a city they have never visited. the map’s confidence becomes the user’s problem, and they almost never get to see why.

the defensive view

here is the part that matters for anyone building these systems. the ones who do it well never trust geolocation on its own. they treat it as exactly what it is, one weak signal among many, and they cross check it. does the claimed location agree with the device’s own timezone and language settings. does it match where this account usually appears. has it jumped impossibly far in an impossibly short time. a single location reading proves almost nothing. it is the agreement, or the contradiction, between several independent signals that actually carries weight. the careful systems ask not where does the map say this is, but does this whole story hang together. that shift, from trusting one guess to weighing many, is the difference between a system that is easily fooled and one that is hard to.

the same question serves an ordinary reader. when a service blocks a login or refuses a purchase off an apparent location, the honest thing to ask is not why it thinks they are there, but why it trusts a single weak guess so heavily. the well built ones do not, and they leave room for the plain truth that the map is simply wrong this time.

the privacy double edge

there is a quieter edge worth naming. the same map that conveniently shows local prices is also a map that profiles. every site a person visits can place them roughly, without asking, feeding the picture advertisers and platforms build of who they are. it is the familiar double edge this channel keeps running into. the technology that makes the internet feel local and personal is the very same technology that quietly tracks where everyone is, all the time, as a side effect of how the network was built. convenience and exposure are the same machine.

what it is really about

the internet feels like it knows exactly where someone is, and that feeling is built almost entirely on confident guessing, a bare number blended with public records, volunteered hints and timing into a probability presented as fact. once that is clear a lot of strange moments make sense, the lockout while travelling, the wrong currency, the block on something that should be reachable. behind all of them is the same humble truth. the internet does not know where anyone is. it has a strong opinion, and it holds it a little too tightly.

it is the recurring shape this channel keeps finding. not one clean trick but a stack of imperfect signals holding an uneasy line, a map of guesses dressed up as a fact, useful precisely because almost nobody looks too closely at how it was made.

The Hidden Internet takes apart the systems that quietly run the modern web, explained from the inside. No products, just the machinery. Subscribe on YouTube.

watch
The Hidden Internet on YouTube

Every field note starts as a short documentary. Watch the systems in this piece explained on screen.

subscribe →
read on
More field notes

The rest of the series on how the modern internet detects, tracks, and sorts the traffic that reaches it.

browse the archive →