How is homedepot able to deduce my rough location?

I use Nord, and have tested for leaks many times. I have a killswitch at the firewall in case of any VPN glitches. But somehow, if javascript is enabled, homedepot is able to get a rough idea of my geolocation, and correctly ID my state. This is only true if this tracker and its related ones are script-enabled on page load, though:

localization.thdws.com

and this loads:
dev.virtualearth.com

does anyone know how they are able to do this? It holds true across different browsers and profiles.

try open same site in Tor browser, If they did not identify you then its your browser settings problem

Hmmm. Well, with the help of those lovely folks at akamai, homedepot blocks Tor completely for me, with VPN on or off.

Okay, did you made privacytools tips ? and made sure cookies or any related data to that site are completely deleted from your browser ?

Yes, the firefox instance is very hardened, and deletes all cookies except for a few exceptions (homedepot is NOT an exception), and of course, FF doesn’t have service workers and whatnot to hide this information in. And yet, HD can see my rough location in FF, and it comes to the same conclusion in several unrelated instances of ungoogled chromium that have no cookies, service workers or cache files pertaining to it at all. This is consistent so long as HD can use JS to load the domains listed above.

HD is the only site I have come across, that I ever noticed, that can guess close to where I am … no idea how they do it.

does your cellphone connected to your wifi have GPS on? How are you connected to your network? Wired or Wireless?

This is a wifi connection on a linux laptop – no cellphone involved, or connected to the wifi. I wonder if anyone else would try it through a VPN and see if they are able to peg you?

Have you ever had anyone connect to your wifi with GPS on? Try spoofing your router’s MAC Address

hauntsanctuary, I think you have nailed it. Cellphones have connected in the past. I didn’t realize that this would place the router in a “crowdsourced google geolocation database.” It also seems that devices that pass by the house also place the router geographically.

I spoofed, or tried to, the router’s MAC address. This did seem to remove HD’s ability to guess where I am. I’m really amazed. (Or maybe appalled?)

What happens is the cellphone ties in the connected WiFi connection with the GPS. Apps scrape the following information and combines it together to identify you:

GPS data
MAC Address of your devices (your phone and router)
WiFi SSID used.

If any one information is put into the vendor database, it pools it together as related to a user or group of user and this is effective in identifying you as seen in your case