Image requests

Image Tracking and Invisible Pixels

A tracking pixel is just an image request with analytics attached. It can show that a resource was loaded, but it has real limits and privacy obligations.

How Image Tracking Works

When a page, email, or document loads an image from a server, that server receives a normal HTTP request. A tracking pixel uses this simple behavior: it gives each campaign or recipient a unique image URL, then records the request when that image is loaded.

The image might be a visible banner, a small transparent image, or a hosted asset inside a document viewer. The tracking is not caused by the pixel being invisible. It is caused by the image request reaching a destination that can log the request.

Plain-language version: the server can log that an image URL was requested. That request can contain IP, time, user-agent, and campaign identifier.

What an Image Request Can Log

IP address The visible source address for the request, which may be a proxy, VPN, mail provider, or shared network.
Timestamp When the image was requested by a browser, app, scanner, or proxy.
User-agent Browser, app, mail client, security scanner, or proxy hints when available.
Campaign key The unique URL or token tied to the image, campaign, message, or document.
Referrer context Sometimes available for web pages, often limited or absent for email and private contexts.
Approximate region IP-derived location estimates, which should be treated as broad context only.

Email and Document Tracking Context

Image tracking is common in email analytics because emails can include remote images. It is also used in hosted document pages and marketing landing pages. In each case, the basic mechanism is the same, but the reliability is different.

Context What can happen Interpretation
Email Images may be blocked, cached, or fetched through privacy proxies. Open events can be useful trends, but not precise read receipts.
Hosted web page Images usually load with the page unless blocked by the browser or network. More reliable than email, but still affected by VPNs and shared networks.
Document viewer A hosted document page can request images or assets when opened. Good for access events, not proof that every page was carefully read.
Security scanning Automated systems may fetch images before a human opens the message. Filter or label likely scanner events when possible.

Important Limits

  • Email clients may block remote images by default.
  • Privacy proxies may fetch images through shared infrastructure.
  • Previews and scanners can create automated opens before a human reads the content.
  • A pixel load does not prove that a specific person read the full message or document.
  • IP geolocation can be approximate, stale, or distorted by VPNs and mobile carrier networks.
  • Repeated image requests can reflect caching behavior, retries, forwarding, or automated checks.

Responsible Use

Use image tracking for aggregate analytics, campaign measurement, security review, or consent-aware document workflows. Do not use hidden pixels for harassment, surprise monitoring, or exaggerated identity claims.

Disclose analytics Explain that image loads, link clicks, or document views may be logged when the context requires notice.
Expect false positives Separate human views from automated scanners, proxy fetches, and previews where possible.
Limit retention Keep raw logs only as long as they serve a clear analytics or security purpose.
Report carefully Use language like "image request" or "open signal" instead of claiming a guaranteed read.

Prefer Clear Analytics

Use tracking pixels as a measurement tool, not as a hidden identity system.

Read legal guide