I know that can be done, but am not convinced all computers show that.
If java script is fully allowed, you may be correct.
The actual IP address can be spoofed, I never have, but the bad guys can and do spoof location. And then there are the people who use VPN to a search engine to not show original IP.
In the past, I did have a website for a couple of years. Long ago. Many websites are not data collectors. They are the ones who are not interested in click bate.
It wasn’t the site it was the metrics that collected the data.
If you own the metrics...