The requests are not made, because some operating systems prevent this.
If you're on OSX, the permission to "discover on the local network" prevents it from happening ( System Settings -> Privacy & Security -> Local Network -> yourbrowser )
Could also be 'network' permissions on firefox ( Go to Settings > Privacy & Security > Permissions ) which is on a per site level, but iirc that could be set site-wide at some point.
The other browsers likely have similar configs, but this is what I have found.
It seems like they only make the localhost requests on your first visit. If you open devtools in incognito mode (or just clear the cookies) before accessing https://ceac.state.gov/genniv/ you should see those 127.0.0.1 attempts as ERR_CONNECTION_REFUSED in the network tab.
Somewhat more worryingly, Little Snitch doesn't report them at all, though that might just be because they were already blocked at the browser.
The requests are not made, because some operating systems prevent this.
If you're on OSX, the permission to "discover on the local network" prevents it from happening ( System Settings -> Privacy & Security -> Local Network -> yourbrowser )
Could also be 'network' permissions on firefox ( Go to Settings > Privacy & Security > Permissions ) which is on a per site level, but iirc that could be set site-wide at some point.
The other browsers likely have similar configs, but this is what I have found.
Looks like this is new to MacOS 15 Sequoia, as I don’t see a Local Network option in Sonoma.
I have no ideea. Possibly that's a limitation of Chrome+Firefox developer tools (I get the feeling it's the same code)?
But I found what "burp" is: https://portswigger.net/burp/communitydownload
It seems like they only make the localhost requests on your first visit. If you open devtools in incognito mode (or just clear the cookies) before accessing https://ceac.state.gov/genniv/ you should see those 127.0.0.1 attempts as ERR_CONNECTION_REFUSED in the network tab.
Somewhat more worryingly, Little Snitch doesn't report them at all, though that might just be because they were already blocked at the browser.
This is what I see.
https://i.imgur.com/lvjg2YQ.png
> 400_random_url_with_numbers_403
That looks so much like test code that was shipped to prod.
Searches for that string on GH does return results.