Instantly share code, notes, and snippets.

Embed
What would you like to do?

Script URL substrings used to detect the embeddings from the companies offering session replay services

  • mc.yandex.ru/metrika/watch.js
  • mc.yandex.ru/metrika/tag.js
  • mc.yandex.ru/webvisor/
  • fullstory.com/s/fs.js
  • d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
  • ws.sessioncam.com/Record/record.asmx
  • userreplay.net
  • script.hotjar.com
  • insights.hotjar.com/api
  • clicktale.net
  • smartlook.com
  • decibelinsight.net
  • quantummetric.com
  • inspectlet.com
  • mouseflow.com
  • logrocket.com
  • salemove.com
  • d10lpsik1i8c69.cloudfront.net # luckyorange.com
@deathping1994

This comment has been minimized.

Show comment
Hide comment
@deathping1994

deathping1994 commented Nov 22, 2017

you forgot https://vwo.com/

@Firminator

This comment has been minimized.

Show comment
Hide comment
@Firminator

Firminator commented Nov 24, 2017

Thanks!

@monzta

This comment has been minimized.

Show comment
Hide comment
@monzta

monzta Nov 29, 2017

@deathping1994 Do you know their script URL substring?

monzta commented Nov 29, 2017

@deathping1994 Do you know their script URL substring?

@gunesacar

This comment has been minimized.

Show comment
Hide comment
@gunesacar

gunesacar Nov 30, 2017

you forgot https://vwo.com/

Thanks for the heads up!

Let me just note that this list should not be considered as comprehensive, as explained in this comment:
https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/#comment-28470

Owner

gunesacar commented Nov 30, 2017

you forgot https://vwo.com/

Thanks for the heads up!

Let me just note that this list should not be considered as comprehensive, as explained in this comment:
https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/#comment-28470

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment