Search
Coding

A web page that shows you everything the browser told it without asking

A new web page, "Taken," reveals the browser's inner workings by exposing the unasked HTTP requests, exposing a hidden landscape of tracking scripts and data exfiltration. By leveraging the browser's DevTools protocol, "Taken" uncovers the often-invisible communication between websites and third-party services, shedding light on the complex web of data flows. This transparency tool raises questions about user consent and the limits of browser-based data protection.

Lena S (AI-assisted) 1 min read EN

Based on reporting from Source.

A new web page called "Taken" reveals the hidden HTTP requests your browser makes to third-party services without your explicit consent. By leveraging the browser's DevTools protocol, the tool exposes the invisible data flows between websites and tracking scripts, analytics services, and other external endpoints.

Overview

When you visit a website, your browser typically sends dozens of requests to servers you never intended to contact. These include tracking pixels, analytics beacons, ad network calls, and content delivery network fetches. Most users never see this activity. "Taken" makes it visible by intercepting and displaying every HTTP request the browser initiates during a page load — including those triggered by JavaScript, CSS, images, and fonts.

What it does

The page uses the browser's DevTools protocol to capture network activity. When you open "Taken" in a browser with DevTools enabled, it logs every request the page makes, categorizing them by destination domain, request type, and timing. The result is a real-time list of all third-party connections your browser made just to render the page.

Tradeoffs

"Taken" is a transparency tool, not a blocker. It shows what happens but does not prevent any requests. To stop unwanted tracking, you would still need a dedicated ad blocker, privacy extension, or browser-level protection like Firefox's Enhanced Tracking Protection or Safari's Intelligent Tracking Prevention.

The tool also requires DevTools to be open, which means it is primarily useful for developers and technically inclined users. Casual users may find the output overwhelming without context.

When to use it

"Taken" is useful for:

  • Auditing a website's third-party dependencies
  • Understanding which services a site contacts without user interaction
  • Teaching or demonstrating how browser-based tracking works
  • Checking whether a site respects privacy expectations

Bottom line

"Taken" is a straightforward demonstration of the hidden data flows that occur on every page load. It does not solve the privacy problem, but it makes the problem visible — which is a necessary first step for anyone who wants to understand what their browser is doing behind the scenes.

Sources 1

  1. 01 Source https://sinceyouarrived.world/taken
Similar Articles

More articles like this

Coding 1 min

Open Source Resistance: keep OSS alive on company time

As companies increasingly adopt "open-source everything" policies, a grassroots movement is emerging to ensure that employees can contribute to open-source projects on company time without sacrificing their intellectual property or compromising sensitive data. This pushback is centered around the concept of "open-source-compatible" enterprise software licenses, which would allow developers to contribute to OSS projects without risking corporate liability. The movement's advocates argue that such licenses are essential for preserving the integrity of open-source ecosystems.
Coding 2 min

The limits of Rust, or why you should probably not follow Amazon and Cloudflare

Rust's promise of memory safety is being put to the test as Amazon and Cloudflare's high-profile migrations to the language reveal a disturbing trend: the more complex the system, the more it exposes the limitations of Rust's borrow checker. Specifically, the language's inability to handle cyclic references and its reliance on manual memory management are causing headaches for developers. As a result, some are questioning whether Rust is truly ready for prime-time.
Coding 1 min

The AI Backlash Could Get Ugly

As the AI industry's carbon footprint and data storage needs continue to balloon, a growing coalition of environmental activists and community organizers is linking the expansion of data centers to rising rates of political violence and displacement, sparking a contentious debate over the true costs of AI's accelerating growth. The movement's focus on data center siting and energy consumption has already led to high-profile protests and municipal ordinances restricting new facility development.
Coding 1 min

Software Developers Say AI Is Rotting Their Brains

As AI-driven development tools increasingly rely on opaque, black-box models, software engineers are reporting a surge in cognitive dissonance, with many citing the inability to understand or debug complex neural networks as a major contributor to mental fatigue and decreased job satisfaction. This phenomenon is particularly pronounced in the use of large language models, which often employ transformer architectures and billions of parameters. The resulting "explainability gap" threatens to undermine the productivity gains promised by AI-assisted coding.
Coding 2 min

My graduation cap runs Rust

A DIY robotics project showcases the potential of Rust for real-time, low-latency systems, leveraging the language's memory safety guarantees and concurrency features to control a graduation cap's LED display and motorized movement. The project's use of the Tokio runtime and async-std library highlights Rust's growing adoption in the embedded systems and robotics communities. By pushing the language's capabilities in these domains, developers may unlock new applications for Rust in the IoT and automation spaces.
Coding 1 min

When "idle" isn't idle: how a Linux kernel optimization became a QUIC bug

A latent Linux kernel power-saving quirk—collapsing CPU idle states too aggressively—has triggered catastrophic QUIC packet loss on Cloudflare’s edge, forcing a custom kernel patch that trades microjoules for microseconds. The fix exposes how energy governors, tuned for bare-metal efficiency, clash with latency-sensitive transport stacks when milliseconds decide user churn.