The short answer is that this is not possible from server driven code (meaning JS that’s loaded from a server).

And it should not be possible either. That ability (even if authorized) could be used for very nefarious purposes. The potential security holes are huge. I understand that you say that it’s an authorized tool by the user. But think of the social engineering aspects. I could make a seemingly benign or useful tool to the user, but in the background collect all sorts of important and dangerous information to sell or use for worse tasks.

Now, with that said, it may be possible to write an extension for the browser for this task. But that violates the “install nothing” comment that you made. Short of that, it’s not possible and it should not be possible.

One other possibility would be to not use cookies at all for this task. If you’re goal is to track what kids are using on the browser, why not just use a proxy? Set up a proxy that tracks and filters everything on a computer. Then either block unwanted sites, or simply log their usage for later review. Sure, a smart user could change their proxy settings, but that’s a limitation for any solution (especially one reliant upon cookies, they could just clear all cookies before closing the browser, or configure the browser to do so for them).

So, in short, I’d suggest finding another solution to your problem. The one which you seek won’t work and would be very dangerous even if it did…