False positive for stytch.com
Closed this issue ยท 2 comments
Hi there ๐
I work at a company called Stytch, we offer a suite of authentication APIs to help developers build login flows. One of our customers recently reported that their user, who uses your blocklist, was unable to login to their website because *.stytch.com was added recently.
This domain is used by our frontend JavaScript SDK to power our customer's login flow, i.e. send magic links via email, authenticate passwords, and set and refresh cookies containing the user's session.
I'd love to work with you on removing our domain from your blocklist and am also curious to know how we ended up here to see if there is anything that our SDK was doing that looked suspicious to you.
Hey @chris-stytch, I just double checked our tracker block list and we're not blocking stytch.com. I'm assuming you filed this issue because you saw the stytch.com file in this repo - this repo contains all third-party domains we see in our crawls and their activity. The presence of a domain here doesn't necessarily mean that we see that domain as a tracker, just that we saw it in a crawl of the web. I'm looking into why stytch.com got a fingerprinting score of 3 in our data - it doesn't seem right. I'll follow up on that.
Anyway, it looks like you found the blocking culprit, my guess is your customer must be using that blocklist in their adblocker.
Thanks for your quick follow up @dharb !