Ian Littman / @iansltx
follow along at https://ian.im/scrape0721
That data gets to a normal user over HTTPS (at least in most cases)
You may need to look at what gets stored in localStorage/sessionStorage.