ConvertKit | Vendor Intelligence

How This Briefing Works

This report opens with key findings, then maps the gaps between what ConvertKit discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Analysis pending. Findings will appear here once intelligence collection is complete.

Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

Pending Analysis

UNKNOWN

They Claim

“Claims extraction pending”

Observed Behavior

CDT analysis needed for tracking pixel and behavioral scoring assessment

Customer Impact

What This Means For You

No measurable behavioral risk from current detection data. Marketing automation vendors may deploy web tracking scripts, email pixels, and behavioral scoring that are not visible in signature-only detection.

Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use ConvertKit

→monitor for future scanner detections

If You're Evaluating ConvertKit

→recon investigation for web tracking and behavioral scoring patterns

Negotiation Leverage

→Baseline detection only — behavioral analysis pending
→Marketing automation vendors frequently deploy undisclosed web tracking
→Review tracking pixel scope and behavioral data retention

IOC Manifest

6 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK

f.convertkit.com

Tracking script

Ecosystem

Ecosystem & Supply Chain

ConvertKit operates in the marketing automation ecosystem, providing campaign management, lead nurturing, and behavioral scoring capabilities.

Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

7 detection signatures across scripts, domains, cookies, and network endpoints