urlscan.io logo urlscan.io
SecurityTrails logo

app.fullstory.com Open in urlscan Pro
34.160.115.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fsty.io/v/b9Ccupz6
Effective URL: https://app.fullstory.com/v/b9Ccupz6
Submission: On February 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 34.160.115.200, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is app.fullstory.com. The Cisco Umbrella rank of the primary domain is 240901.
TLS certificate: Issued by R3 on January 31st 2024. Valid for: 3 months.
This is the only time app.fullstory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 34.160.115.200 15169 (GOOGLE)
6 34.149.167.40 396982 (GOOGLE-CL...)
15 3
Apex Domain
Subdomains		 Transfer
9 fullstory.com
app.fullstory.com — Cisco Umbrella Rank: 240901
700 KB
7 fsty.io
fsty.io — Cisco Umbrella Rank: 283302
analytics.staging.fsty.io — Cisco Umbrella Rank: 286342
103 KB
15 2
Domain Requested by
9 app.fullstory.com app.fullstory.com
6 analytics.staging.fsty.io app.fullstory.com
analytics.staging.fsty.io
1 fsty.io 1 redirects
15 3

This site contains no links.

Subject Issuer Validity Valid
*.fullstory.com
R3		 2024-01-31 -
2024-04-30		 3 months crt.sh
analytics.staging.fsty.io
GTS CA 1D4		 2024-02-10 -
2024-05-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.fullstory.com/v/b9Ccupz6
Frame ID: 4C6D9956B5379BC2A231DC021B763CEA
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

View shared session | FullStory

Page URL History Show full URLs

  1. https://fsty.io/v/b9Ccupz6 HTTP 307
    https://app.fullstory.com/v/b9Ccupz6 Page URL

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

875 kB
Transfer

1743 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fsty.io/v/b9Ccupz6 HTTP 307
    https://app.fullstory.com/v/b9Ccupz6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request b9Ccupz6
app.fullstory.com/v/
Redirect Chain
  • https://fsty.io/v/b9Ccupz6
  • https://app.fullstory.com/v/b9Ccupz6
6 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.fullstory.com/v/b9Ccupz6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.115.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.115.160.34.bc.googleusercontent.com
Software
/
Resource Hash
20929304601f44830e86ba62c38c57d6ebce9661b53d8ec293307bd209411ecd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; style-src 'self' 'unsafe-inline' app.fullstory.com app.fullstory.com *.appcues.com *.appcues.net cdn.cookielaw.org fonts.googleapis.com stackpath.bootstrapcdn.com; img-src * blob: data:; frame-src 'self' play.fullstory.com accounts.google.com *.appcues.com content.googleapis.com fast.wistia.net js.stripe.com hpdcfnlcgmgn.statuspage.io www.google.com/recaptcha/ *.osano.com; font-src 'self' fonts.gstatic.com github.com data: app.fullstory.com; connect-src 'self' rs.fullstory.com rs-2.fullstory.com analytics.staging.fsty.io rs.staging.fullstory.com rs-2.staging.fullstory.com api.fullstory.com edge.fullstory.com analytics.staging.fsty.io www.googleapis.com *.bugsnag.com *.sentry.io *.launchdarkly.com *.appcues.com *.appcues.net cdn.cookielaw.org js.stripe.com stats.g.doubleclick.net storage.googleapis.com *.google-analytics.com *.osano.com analytics.google.com *.analytics.google.com ws: wss:; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' app.fullstory.com app.fullstory.com edge.fullstory.com analytics.staging.fsty.io rs.fullstory.com rs-2.fullstory.com analytics.staging.fsty.io rs.staging.fullstory.com rs-2.staging.fullstory.com accounts.google.com *.appcues.com *.appcues.net cdn.cookielaw.org code.jquery.com d2wy8f7a9ursnm.cloudfront.net *.osano.com js.stripe.com stackpath.bootstrapcdn.com static.segment.com www.googletagmanager.com www.google-analytics.com app.launchdarkly.com hpdcfnlcgmgn.statuspage.io www.gstatic.com/recaptcha/ www.google.com/recaptcha/; script-src-elem 'unsafe-inline' 'self' app.fullstory.com app.fullstory.com edge.fullstory.com analytics.staging.fsty.io rs.fullstory.com rs-2.fullstory.com analytics.staging.fsty.io rs.staging.fullstory.com rs-2.staging.fullstory.com accounts.google.com *.appcues.com *.appcues.net cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com d2wy8f7a9ursnm.cloudfront.net *.osano.com js.stripe.com static.segment.com www.googletagmanager.com www.google-analytics.com app.launchdarkly.com hpdcfnlcgmgn.statuspage.io www.gstatic.com/recaptcha/ www.google.com/recaptcha/ data:; worker-src 'self' blob:; report-to csp-endpoint; report-uri https://o4504480373276672.ingest.sentry.io/api/4504555302682624/security/?sentry_key=52c1b10041a04748a31afb5ca122837e
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy
default-src 'none'; frame-ancestors 'self'; style-src 'self' 'unsafe-inline' app.fullstory.com app.fullstory.com *.appcues.com *.appcues.net cdn.cookielaw.org fonts.googleapis.com stackpath.bootstrapcdn.com; img-src * blob: data:; frame-src 'self' play.fullstory.com accounts.google.com *.appcues.com content.googleapis.com fast.wistia.net js.stripe.com hpdcfnlcgmgn.statuspage.io www.google.com/recaptcha/ *.osano.com; font-src 'self' fonts.gstatic.com github.com data: app.fullstory.com; connect-src 'self' rs.fullstory.com rs-2.fullstory.com analytics.staging.fsty.io rs.staging.fullstory.com rs-2.staging.fullstory.com api.fullstory.com edge.fullstory.com analytics.staging.fsty.io www.googleapis.com *.bugsnag.com *.sentry.io *.launchdarkly.com *.appcues.com *.appcues.net cdn.cookielaw.org js.stripe.com stats.g.doubleclick.net storage.googleapis.com *.google-analytics.com *.osano.com analytics.google.com *.analytics.google.com ws: wss:; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' app.fullstory.com app.fullstory.com edge.fullstory.com analytics.staging.fsty.io rs.fullstory.com rs-2.fullstory.com analytics.staging.fsty.io rs.staging.fullstory.com rs-2.staging.fullstory.com accounts.google.com *.appcues.com *.appcues.net cdn.cookielaw.org code.jquery.com d2wy8f7a9ursnm.cloudfront.net *.osano.com js.stripe.com stackpath.bootstrapcdn.com static.segment.com www.googletagmanager.com www.google-analytics.com app.launchdarkly.com hpdcfnlcgmgn.statuspage.io www.gstatic.com/recaptcha/ www.google.com/recaptcha/; script-src-elem 'unsafe-inline' 'self' app.fullstory.com app.fullstory.com edge.fullstory.com analytics.staging.fsty.io rs.fullstory.com rs-2.fullstory.com analytics.staging.fsty.io rs.staging.fullstory.com rs-2.staging.fullstory.com accounts.google.com *.appcues.com *.appcues.net cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com d2wy8f7a9ursnm.cloudfront.net *.osano.com js.stripe.com static.segment.com www.googletagmanager.com www.google-analytics.com app.launchdarkly.com hpdcfnlcgmgn.statuspage.io www.gstatic.com/recaptcha/ www.google.com/recaptcha/ data:; worker-src 'self' blob:; report-to csp-endpoint; report-uri https://o4504480373276672.ingest.sentry.io/api/4504555302682624/security/?sentry_key=52c1b10041a04748a31afb5ca122837e
content-type
text/html; charset=utf-8
date
Wed, 21 Feb 2024 13:04:18 GMT
referrer-policy
origin-when-cross-origin
report-to
{'group':'csp-endpoint','max_age':31536000,'endpoints':[{'url':'https://o4504480373276672.ingest.sentry.io/api/4504555302682624/security/?sentry_key=52c1b10041a04748a31afb5ca122837e'}],'include_subdomains':true}
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72
content-type
text/html; charset=utf-8
date
Wed, 21 Feb 2024 13:04:18 GMT
location
https://app.fullstory.com/v/b9Ccupz6
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
fsui.css
app.fullstory.com/s/ 		239 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.fullstory.com/s/fsui.css
Requested by
Host: app.fullstory.com
URL: https://app.fullstory.com/v/b9Ccupz6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.115.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.115.160.34.bc.googleusercontent.com
Software
/
Resource Hash
85bb8bac420958c9e37fc1a9005ac28a763cceb2452a7ee84aae11bc770f987b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/v/b9Ccupz6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
via
1.1 google
date
Wed, 21 Feb 2024 12:54:13 GMT
last-modified
Tue, 20 Feb 2024 18:19:21 GMT
age
605
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36921
app-fonts.css
app.fullstory.com/s/fonts/ 		351 KB
245 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.fullstory.com/s/fonts/app-fonts.css
Requested by
Host: app.fullstory.com
URL: https://app.fullstory.com/v/b9Ccupz6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.115.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.115.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2da02617967d520e31dbc48eab19c4da69f901a9bf74fee096070067b6a0403d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/v/b9Ccupz6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
via
1.1 google
date
Wed, 21 Feb 2024 12:54:10 GMT
last-modified
Tue, 20 Feb 2024 17:22:33 GMT
age
608
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250216
es6-shim.min.js
app.fullstory.com/s/lib/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.fullstory.com/s/lib/es6-shim.min.js
Requested by
Host: app.fullstory.com
URL: https://app.fullstory.com/v/b9Ccupz6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.115.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.115.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4c79606528eab7b89d35276752f1b2a53b970790b8855f644ae3d8adb8aad7da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/v/b9Ccupz6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
via
1.1 google
date
Wed, 21 Feb 2024 12:54:29 GMT
last-modified
Tue, 20 Feb 2024 18:19:21 GMT
age
589
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15952
fs-logo-white-135x39.svg
app.fullstory.com/s/img/svg/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.fullstory.com/s/img/svg/fs-logo-white-135x39.svg
Requested by
Host: app.fullstory.com
URL: https://app.fullstory.com/v/b9Ccupz6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.115.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.115.160.34.bc.googleusercontent.com
Software
/
Resource Hash
68f4cdfa31928fb90652f488282cc25579e95c5e97f076ca9e049bd352d56b9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/v/b9Ccupz6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
via
1.1 google
date
Wed, 21 Feb 2024 02:15:23 GMT
last-modified
Tue, 20 Feb 2024 18:19:21 GMT
age
38935
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1404
newViewer.js
app.fullstory.com/s/ 		336 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.fullstory.com/s/newViewer.js
Requested by
Host: app.fullstory.com
URL: https://app.fullstory.com/v/b9Ccupz6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.115.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.115.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c9f59097da7cb50e0bd31c9ff51a85600db644aa93d7a4be6650ce2603c9b07e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/v/b9Ccupz6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
via
1.1 google
date
Tue, 20 Feb 2024 14:26:36 GMT
last-modified
Thu, 15 Feb 2024 17:47:36 GMT
age
81462
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106618
fs.js
analytics.staging.fsty.io/s/ 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.staging.fsty.io/s/fs.js
Requested by
Host: app.fullstory.com
URL: https://app.fullstory.com/v/b9Ccupz6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.167.40 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.167.149.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4d947dc5ee68eebc0205893f5a6d17eb621ed960658052604852fa58b32555cc

Request headers

Referer
https://app.fullstory.com/
Origin
https://app.fullstory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:14:01 GMT
content-encoding
br
via
1.1 google
age
3018
x-guploader-uploadid
ABPtcPrlW6tvXaFoFZoWhj9vTh3J1lWh7mpXRdqwOKhHkqkBnX1jRHeMKYRlbtyjq8-ZlIcaMZ-LYHXQtw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70439
last-modified
Wed, 21 Feb 2024 09:39:37 GMT
server
UploadServer
etag
"f6ee6b0de9bea9e2463bdddc697ead9b"
vary
Accept-Encoding
x-goog-generation
1708508377163673
x-goog-hash
crc32c=KRlDjg==, md5=9u5rDem+qeJGO93caX6tmw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600,no-transform
x-goog-stored-content-length
70439
accept-ranges
bytes
content-type
application/javascript
bg-view-only-playback-ui.png
app.fullstory.com/s/img/ 		284 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.fullstory.com/s/img/bg-view-only-playback-ui.png
Requested by
Host: app.fullstory.com
URL: https://app.fullstory.com/s/fsui.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.115.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.115.160.34.bc.googleusercontent.com
Software
/
Resource Hash
b1c56e5a912ce22d54f41379b3e08120bd05982d828d55d0cff9c671472f15b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/s/fsui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
via
1.1 google
date
Wed, 21 Feb 2024 11:33:44 GMT
last-modified
Tue, 20 Feb 2024 17:22:33 GMT
age
5435
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
icons-login.svg
app.fullstory.com/s/img/svg/ 		17 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.fullstory.com/s/img/svg/icons-login.svg
Requested by
Host: app.fullstory.com
URL: https://app.fullstory.com/s/fsui.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.115.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.115.160.34.bc.googleusercontent.com
Software
/
Resource Hash
bb3fb8457c144fe6572737e466fe93825bb1c09408b3ed4f9b03ac1c2a8d12d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/s/fsui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
via
1.1 google
date
Wed, 21 Feb 2024 12:57:47 GMT
last-modified
Tue, 20 Feb 2024 18:19:21 GMT
age
392
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6396
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
450214cf9cbb089075379f8d8a4f36df38014a329627b92c12924c2f1054b4f8

Request headers

Referer
Origin
https://app.fullstory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/x-font-woff
google-g.svg
app.fullstory.com/s/img/ 		915 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.fullstory.com/s/img/google-g.svg
Requested by
Host: app.fullstory.com
URL: https://app.fullstory.com/s/fsui.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.115.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.115.160.34.bc.googleusercontent.com
Software
/
Resource Hash
11e3ac1f9e23b192ee4f744777bacd4101baa1289fa6b573456af2fb8dbc33a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/s/fsui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 13:04:19 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 20 Feb 2024 17:22:33 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5588a17ca396740a4c44abed2e75042bebf486a4cf242d4f0b8c8b3e316f242b

Request headers

Referer
Origin
https://app.fullstory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05666ce94ec37a38b6e294a6bb24b96fe37d324cc92d8b8fb6d4c72d15e22304

Request headers

Referer
Origin
https://app.fullstory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40f88135182c6f2cf9c50da6cf7fcf121df9cca74caaa5e47cb12b828b1f2e07

Request headers

Referer
Origin
https://app.fullstory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
823d19128481d1cc07c3210cded11e51d137e79e72d2c4f97a552c1709a0b679

Request headers

Referer
Origin
https://app.fullstory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
777b4045308d8fa863e4509cc4427ebee9f79061223ee15740ecff09be1fc0f9

Request headers

Referer
Origin
https://app.fullstory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
801c158878e31704c11c86e2b4146b6ad88dc046d804bcf1e2f3154e3664fed5

Request headers

Referer
Origin
https://app.fullstory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/x-font-woff
web
analytics.staging.fsty.io/s/settings/thefullstory.com/v1/ 		38 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.staging.fsty.io/s/settings/thefullstory.com/v1/web
Requested by
Host: analytics.staging.fsty.io
URL: https://analytics.staging.fsty.io/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.167.40 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.167.149.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0f1a251de0cdc2625d1e28dc1f14ae62d2e29bac05607f365c8be0e20c574031

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:45:24 GMT
content-encoding
gzip
via
1.1 google
age
1135
x-guploader-uploadid
ABPtcPqX6kNlb3HoaLmLcOEN1TaQ9hiNS2zUIIyHL8wCjqILOZaPTDen6yUAdwjdaXrRaQ2SzAM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7378
last-modified
Wed, 21 Feb 2024 12:42:32 GMT
server
UploadServer
etag
"3c56ed54acfb3649d4934b2259798423"
x-goog-generation
1708519352673028
x-goog-hash
crc32c=r0pX+w==, md5=PFbtVKz7NknUk0siWXmEIw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
7378
accept-ranges
bytes
content-type
application/json
page
analytics.staging.fsty.io/rec/ 		38 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.staging.fsty.io/rec/page
Requested by
Host: analytics.staging.fsty.io
URL: https://analytics.staging.fsty.io/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.167.40 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.167.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e472a4ee830719b3b976c3fbfffbd7e90616061e30dcb532d00222148da7d6b3

Request headers

Referer
https://app.fullstory.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

x-trace-id
d72c015edea821442dbcdce9682cddc0
date
Wed, 21 Feb 2024 13:04:19 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.fullstory.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
integrations
analytics.staging.fsty.io/rec/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.staging.fsty.io/rec/integrations?OrgId=thefullstory.com
Requested by
Host: analytics.staging.fsty.io
URL: https://analytics.staging.fsty.io/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.167.40 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.167.149.34.bc.googleusercontent.com
Software
/
Resource Hash
4961ee314ad3d249d39fa54c2fc8ca68e0cc13312044bb2ecab95e832c93d425

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id
df04551828ac2bc738204c6b47523ccc
date
Wed, 21 Feb 2024 13:04:19 GMT
via
1.1 google, 1.1 google
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=utf-8
latest.js
analytics.staging.fsty.io/datalayer/v4/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.staging.fsty.io/datalayer/v4/latest.js
Requested by
Host: analytics.staging.fsty.io
URL: https://analytics.staging.fsty.io/rec/integrations?OrgId=thefullstory.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.167.40 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.167.149.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e9cb2dafa252ae54afb3b91b1c30d12761a37459d7e03741268408d9bd106bb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.fullstory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:29:18 GMT
content-encoding
gzip
via
1.1 google
age
2101
x-guploader-uploadid
ABPtcPrIYrdvhisgEEpljs2w2k4do70s5JvyGWuulFzl16fIAuxPuy4inSEy0_oM7B0AC31r3nRUS_PZkg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11988
last-modified
Tue, 20 Feb 2024 19:02:37 GMT
server
UploadServer
etag
"383f71e399b6b858d7c6024c6e8d5a23"
x-goog-generation
1708455757621532
x-goog-hash
crc32c=KHRSBw==, md5=OD9x45m2uFjXxgJMbo1aIw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=3600,no-transform
x-goog-stored-content-length
11988
accept-ranges
bytes
v2
analytics.staging.fsty.io/rec/bundle/ 		29 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.staging.fsty.io/rec/bundle/v2?OrgId=thefullstory.com&UserId=66eaf8b2-9440-41e0-9cff-aad6d38762e3&SessionId=d01a0a6f-d99a-440c-a525-b706d7cfb4da&PageId=6818c8f5-26b3-48c4-b720-228820f35a32&Seq=1&ClientTime=1708520660403&PageStart=1708520659393&PrevBundleTime=0&LastActivity=859&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: analytics.staging.fsty.io
URL: https://analytics.staging.fsty.io/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.167.40 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.167.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c0f8d90ea96892c70e218f242a2ea3b0fb7ebbe0ab052dff5bf69e6b70600bf6

Request headers

Referer
https://app.fullstory.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

x-trace-id
47f0ac7d8f878b36da40e09bbd610f85
date
Wed, 21 Feb 2024 13:04:20 GMT
via
1.1 google, 1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.fullstory.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace string| _fs_app_host function| FS object| returnExports object| _viewerParams string| _fs_loaded function| _fs_shutdown string| _fs_rec_settings_host string| _dlo_appender undefined| _dlo_telemetryExporter number| _dlo_logLevel object| _dlo_beforeDestination boolean| _dlo_previewMode boolean| _dlo_readOnLoad boolean| _dlo_validateRules object| _dlo_rules_adobe_am object| _dlo_rules_ceddl object| _dlo_rules_google_ec object| _dlo_rules_google_ec_ga4 object| _dlo_rules_google_em object| _dlo_rules_google_em_ga4 object| _dlo_rules_tealium_retail object| _dlo_rules_custom object| _dlo_observer

2 Cookies

Domain/Path Name / Value
.fullstory.com/ Name: fs_lua
Value: 1.1708520659392
.fullstory.com/ Name: fs_uid
Value: #thefullstory.com#66eaf8b2-9440-41e0-9cff-aad6d38762e3:d01a0a6f-d99a-440c-a525-b706d7cfb4da:1708520659392::1#/1740056659

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; frame-ancestors 'self'; style-src 'self' 'unsafe-inline' app.fullstory.com app.fullstory.com *.appcues.com *.appcues.net cdn.cookielaw.org fonts.googleapis.com stackpath.bootstrapcdn.com; img-src * blob: data:; frame-src 'self' play.fullstory.com accounts.google.com *.appcues.com content.googleapis.com fast.wistia.net js.stripe.com hpdcfnlcgmgn.statuspage.io www.google.com/recaptcha/ *.osano.com; font-src 'self' fonts.gstatic.com github.com data: app.fullstory.com; connect-src 'self' rs.fullstory.com rs-2.fullstory.com analytics.staging.fsty.io rs.staging.fullstory.com rs-2.staging.fullstory.com api.fullstory.com edge.fullstory.com analytics.staging.fsty.io www.googleapis.com *.bugsnag.com *.sentry.io *.launchdarkly.com *.appcues.com *.appcues.net cdn.cookielaw.org js.stripe.com stats.g.doubleclick.net storage.googleapis.com *.google-analytics.com *.osano.com analytics.google.com *.analytics.google.com ws: wss:; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' app.fullstory.com app.fullstory.com edge.fullstory.com analytics.staging.fsty.io rs.fullstory.com rs-2.fullstory.com analytics.staging.fsty.io rs.staging.fullstory.com rs-2.staging.fullstory.com accounts.google.com *.appcues.com *.appcues.net cdn.cookielaw.org code.jquery.com d2wy8f7a9ursnm.cloudfront.net *.osano.com js.stripe.com stackpath.bootstrapcdn.com static.segment.com www.googletagmanager.com www.google-analytics.com app.launchdarkly.com hpdcfnlcgmgn.statuspage.io www.gstatic.com/recaptcha/ www.google.com/recaptcha/; script-src-elem 'unsafe-inline' 'self' app.fullstory.com app.fullstory.com edge.fullstory.com analytics.staging.fsty.io rs.fullstory.com rs-2.fullstory.com analytics.staging.fsty.io rs.staging.fullstory.com rs-2.staging.fullstory.com accounts.google.com *.appcues.com *.appcues.net cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com d2wy8f7a9ursnm.cloudfront.net *.osano.com js.stripe.com static.segment.com www.googletagmanager.com www.google-analytics.com app.launchdarkly.com hpdcfnlcgmgn.statuspage.io www.gstatic.com/recaptcha/ www.google.com/recaptcha/ data:; worker-src 'self' blob:; report-to csp-endpoint; report-uri https://o4504480373276672.ingest.sentry.io/api/4504555302682624/security/?sentry_key=52c1b10041a04748a31afb5ca122837e
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.staging.fsty.io
app.fullstory.com
fsty.io
34.149.167.40
34.160.115.200
05666ce94ec37a38b6e294a6bb24b96fe37d324cc92d8b8fb6d4c72d15e22304
0f1a251de0cdc2625d1e28dc1f14ae62d2e29bac05607f365c8be0e20c574031
11e3ac1f9e23b192ee4f744777bacd4101baa1289fa6b573456af2fb8dbc33a8
20929304601f44830e86ba62c38c57d6ebce9661b53d8ec293307bd209411ecd
2da02617967d520e31dbc48eab19c4da69f901a9bf74fee096070067b6a0403d
40f88135182c6f2cf9c50da6cf7fcf121df9cca74caaa5e47cb12b828b1f2e07
450214cf9cbb089075379f8d8a4f36df38014a329627b92c12924c2f1054b4f8
4961ee314ad3d249d39fa54c2fc8ca68e0cc13312044bb2ecab95e832c93d425
4c79606528eab7b89d35276752f1b2a53b970790b8855f644ae3d8adb8aad7da
4d947dc5ee68eebc0205893f5a6d17eb621ed960658052604852fa58b32555cc
5588a17ca396740a4c44abed2e75042bebf486a4cf242d4f0b8c8b3e316f242b
68f4cdfa31928fb90652f488282cc25579e95c5e97f076ca9e049bd352d56b9a
777b4045308d8fa863e4509cc4427ebee9f79061223ee15740ecff09be1fc0f9
801c158878e31704c11c86e2b4146b6ad88dc046d804bcf1e2f3154e3664fed5
823d19128481d1cc07c3210cded11e51d137e79e72d2c4f97a552c1709a0b679
85bb8bac420958c9e37fc1a9005ac28a763cceb2452a7ee84aae11bc770f987b
b1c56e5a912ce22d54f41379b3e08120bd05982d828d55d0cff9c671472f15b9
bb3fb8457c144fe6572737e466fe93825bb1c09408b3ed4f9b03ac1c2a8d12d9
c0f8d90ea96892c70e218f242a2ea3b0fb7ebbe0ab052dff5bf69e6b70600bf6
c9f59097da7cb50e0bd31c9ff51a85600db644aa93d7a4be6650ce2603c9b07e
e472a4ee830719b3b976c3fbfffbd7e90616061e30dcb532d00222148da7d6b3
e9cb2dafa252ae54afb3b91b1c30d12761a37459d7e03741268408d9bd106bb6