Requests

Coming into the Requests assignment, I feel pretty numb about being surveilled. As someone who’s been “online” and an active user of social media for almost a decade, I already have an awareness that I’m being tracked. I’ve always balanced out any anxiety of being tracked with the knowledge that my data is a drop in the ocean of all the data that exists out there on the Internet. I feel that I am blending into a crowd rather than being targeted, as it were. I also feel that part of the “contextual integrity” with my awareness is that if I use these platforms, I should expect my data to be collected and used. 

As I started the Requests exercise, I tried Twitter/X and Reddit as my first targets. Surprisingly, I did not see as many different trackers as I had expected. Everything was stored in all the API calls that those websites were calling. Everything on X had a Twitter server request and everything on Reddit via Reddit. It felt as if those were opaque and their tracking hidden in whatever they’ve set up in their vast environments with decades worth of knowledge. 

I wondered about sites that would trigger a lot of requests from all sorts of providers. First, I thought of old websites like Ebaumsworld that were once popular but now forgotten. Had these once giant domains sold off their website to a bunch of rabid marketers? Second, I thought of sites that stream sports “unofficially.” If I were to use such a site hypothetically, I have heard that there are a lot of strange popups to sift through. Those definitely have more going on behind the scenes. 

First, I ventured to the old internet site Ebaumsworld, which used to be the hotspot for memes in the mid-to-late 2000s. This site did prove full of advertising trackers as there are several companies lurking upon entry of this site:

• Blogherads
• Hotjar
• Quantcast
• Chartbeat
• Permutive (which I saw had my postal zip code and some confidence scores? Likely AI used – not fun)

Chartbeat was particularly funny because it had a whole explanation ready when I visited their link. I wonder if they’ve gotten vicious complaints or lawsuits. 

In Ebaumsworld without me clicking anything, there were a lot of Javascript scripts operating. For some reason, seeing a script present is more alarming to me than a regular HTTP request from a company. Even though obviously, so many scripts are running just to show any webpage online. As I clicked on videos on Ebaumsworld (which now looks like some unholy chimera of Buzzfeed and I can Haz Cheezburger), more scripts kept appearing in the requests. 

Current

2005 (retvrn)

Having coded in Javascript so much here at ITP, I really want to know what the heck they’re doing. I suppose seeing a script instead of just a company name creates the feeling that I’m being acted upon as a single person/piece of data rather than hidden in a crowd. 

After grieving over the old internet, I went to an illicit sports streaming site, FawaNews (not watching any games there, never). Immediately (again not having clicked any stream), I see the DailyMail is checking in on me.

I realized with the Request Interceptor that I could easily send requests back. I tried this with st.chatango.com (used for the chatroom function?) and received this:

From glancing at the code, it handles cases for Android and iPhone so I assume this is for the annoying chat room in the illegal sports site (which no one should ever read or use). Aside from that, there were a lot of images loaded for the game icons as well as plenty of advertising and analytics companies. 

One request that looked more odd than the rest was: https://ukankingwithea.com/

When I copied and pasted this website into another browser, I received: 

48142728473060|1742412113

I don’t know what that’s about. 

Anyway, I clicked on a sports stream and may or may not have been watching a random soccer game. As the site was streaming the game, it kept repeating one request for the video stream ( assume): //fi.okarisa.cfd/hls/ZRRAAAA.m3u8 

How do these sites (there are so many of them) get all these videos without being caught? And apparently, it’s easy enough to access these videos but there appears to be extra hurdles of security to bypass, more so than the average user would know. 

Also, I found a pixel generated that is tracking something on Fawanews.

I can’t say I felt cozy during any point of this exercise. I guess I realized that my reflection online consists of a lot of scripts, numbers, and private requests. I still don’t feel special online (nor do I want to).