All Vendors
deanon

Enrichley

Enrichley is a deanon vendor with a VRS of 80, combining aggressive behavioral monitoring with identity resolution to unmask anonymous visitors. The platform represents Oracle, Broker, and Counselor threats through signal corruption (25), demand signal subsidization to competitors (90), and severe legal tail risk (100). Detected techniques include defeat devices, behavioral biometrics, session recording, consent bypass, and fingerprinting.

157 IOCs3 detections100% pre-consent2 sites
90
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Enrichley discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

3 detections across 2 sites100% pre-consent activity
CRITICAL

Pre-Consent Activity

Enrichley was observed loading and executing before user consent was obtained on 100% of sites where it was detected.

GDPRePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

pending

UNKNOWN
They Claim

Unknown

Observed Behavior

Requires claims extraction via CDT

Customer Impact

What This Means For You

Marketing teams deploying Enrichley gain short-term visibility into anonymous traffic but inherit three critical liabilities: (1) Measurement corruption as deanonymization false positives pollute attribution models, (2) Competitive intelligence leakage as visitor data feeds the broader identification network, (3) Regulatory exposure from behavioral biometrics and consent bypass creating per-violation fine risk. The platform's black-box methodology makes it impossible to audit identification accuracy or data sharing practices.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Enrichley

  • Demand contractual transparency on identification methodology and match rate accuracy
  • Require data processing agreement explicitly prohibiting visitor data sharing with other customers
  • Implement consent-first deployment where behavioral capture only activates after explicit opt-in
  • Configure CRM integration to log all enrichment data sources for GDPR Article 15 compliance

If You're Evaluating Enrichley

  • Request third-party audit of consent bypass mechanisms and post-rejection tracking
  • Evaluate alternative visitor identification tools with documented GDPR compliance
  • Consider first-party identification strategies (gated content, progressive profiling) that don't rely on third-party data networks
  • Assess total cost of ownership including legal review, compliance monitoring, and potential regulatory defense

Negotiation Leverage

  • Enrichley VRS 80 = Broker (90) + Counselor (100) threat. Demand transparency on data sharing practices and consent mechanisms before renewal.
  • Behavioral biometrics (BTI-C06) + session recording (BTI-C07) = special category data under GDPR. Require explicit legal basis documentation and DPA amendment.
  • Consent bypass (BTI-C09) detected in runtime observation. Request technical remediation plan with third-party verification or consider contract termination.
  • Match rate accuracy directly impacts attribution model integrity. Demand SLA on false positive rates and methodology transparency.
  • Visitor data sharing across customer base = competitive intelligence leakage. Negotiate exclusive data processing or seek alternative vendors.
  • Ask: What is the documented legal basis for behavioral biometrics collection? How are individuals notified? What is the opt-out mechanism? Expect vague answers.
Runtime Detections

Runtime Detections

7 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C01Defeat Device

Evasion infrastructure, auditor bypass

Impact: Tag-level deception allows Enrichley to present different behavior to privacy tools versus actual data collection, defeating user consent mechanisms and creating regulatory liability.

BTI-C06Behavioral Biometrics

Keystroke/mouse tracking

Impact: Continuous capture of mouse movements, keystroke dynamics, and scroll patterns creates unique user signatures that enable cross-device tracking and persistent identification even after cookie deletion.

BTI-C07Session Recording

Full session replay

Impact: Full session capture including form inputs, page interactions, and navigation paths creates PII exposure risk and enables behavioral profiling that users cannot detect or control.

BTI-C08Cross-Domain Sync

Identity stitching

BTI-C09Consent Bypass

Ignoring CMP signals

Impact: Tracking continues after rejection, violating the foundational principle of user choice and creating per-violation GDPR fines of €20M or 4% global revenue.

BTI-C10Fingerprinting

Device identification

Impact: Browser and device fingerprinting creates persistent identifiers that survive cookie deletion, defeating user privacy controls and creating long-term tracking liability.

BTI-C14Identity Resolution

PII deanonymization

IOC Manifest

IOC Manifest

154 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

EXFIL
*enrichley.com/cdn-cgi/scripts/*/cloudflare-static/email-decode.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/*-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/webpack-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/layout-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/main-app-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/not-found-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/cdn-cgi/challenge-platform/scripts/jsd/main.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/892-*.js*
Data collection endpoint
EXFIL
*enrichley.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/*/main.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/pricing/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/enrichley-vs-hunter/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/enrichley-vs-scrubby/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/enrichley-vs-zerobounce/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/enrichley-vs-neverbounce/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/enrichment/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/enrichley-vs-bouncer/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/enrichley-vs-clearout/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/return-policy/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/privacy-policy/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/catch-all-verifier/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/terms-of-service/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/blog/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/developers/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/use-cases/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/roi-calculator/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/integrations/page-*.js*
Data collection endpoint
EXFIL
*enrichley.com/_next/static/chunks/app/faq/page-*.js*
Data collection endpoint
EXFIL
enrichley.com/_next/static/chunks/webpack-441c68e8c7141c1e.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/4bd1b696-f785427dddbba9fb.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/1255-29325acccda77703.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/main-app-c66e18c17eb216fa.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/2619-3c9e02e22d10480a.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/layout-f5fe393e22966c19.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/not-found-f4c40b5e435b4b79.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/9272-034697d8d3fcd70b.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/6507-bd932792ba8fb96e.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/6045-e9a408eba7168c39.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/4854-26308a46c2cf4fe7.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/5210-54e987e450592485.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/1398-f51e4743a7221514.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/5378-684aeaca2c784883.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/1363-d52745e366a117e6.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/3302-ef5941038a3d724b.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/892-94e89cc94ec41bea.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/page-92063001657520aa.js
Auto-extracted from scan
EXFIL
enrichley.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Auto-extracted from scan
EXFIL
enrichley.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Auto-extracted from scan
EXFIL
enrichley.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7f3d2ee44814/main.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/pricing/page-d8db1978d759e9a5.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/1148-f2aeaa39e434313b.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/4925-073f2c0b69962c96.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/enrichley-vs-zerobounce/page-15463f2c22c33e28.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/enrichley-vs-hunter/page-15463f2c22c33e28.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/enrichley-vs-scrubby/page-eaa7bfcf477a64df.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/enrichment/page-abda5bfe02e0c884.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/enrichley-vs-clearout/page-15463f2c22c33e28.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/enrichley-vs-neverbounce/page-eaa7bfcf477a64df.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/enrichley-vs-bouncer/page-eaa7bfcf477a64df.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/catch-all-verifier/page-8ac195597e86c1d2.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/terms-of-service/page-5ce24376f4ddee4d.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/return-policy/page-5ce24376f4ddee4d.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/privacy-policy/page-7dfe57a17a964b17.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/5623-6b396d5639f26793.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/developers/page-ddc8129c1e64ff69.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/6207-c3a131eca081ff16.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/blog/page-c888826ed14a2df8.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/use-cases/page-2d1f3688b59074b6.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/roi-calculator/page-7dfe57a17a964b17.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/integrations/page-d83675be8427b917.js
Auto-extracted from scan
EXFIL
enrichley.com/_next/static/chunks/app/faq/page-5fe9d5b687abc136.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Enrichley participates in the B2B visitor identification ecosystem alongside competitors like Clearbit, Demandbase, and 6sense. The platform likely shares identified visitor data across its customer base to improve match rates, meaning your website traffic becomes training data for competitor intelligence. Integration with CRM systems (Salesforce, HubSpot) creates bidirectional data flow where identified visitors are enriched with external data sources.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

157 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details