All Vendors
data_enrichment

Enrow

Enrow (email enrichment) exhibits session recording (C07), consent bypass (C09), and aggressive persistence (C13). Email validation feeds identity graph with cross-session tracking.

16 IOCs35 detections34% pre-consent34 sites
70
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Enrow discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

35 detections across 34 sites34% pre-consent activity
HIGH

Pre-Consent Activity

Enrow was observed loading and executing before user consent was obtained on 34% of sites where it was detected.

GDPRePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

pending

UNKNOWN
They Claim

Unknown - requires claims extraction via CDT

Observed Behavior

Runtime evidence shows C07/C09/C13 patterns

Customer Impact

What This Means For You

Persistence (C13) defeats cookie deletion and privacy browser modes. Email enrichment creates permanent identity tie. Session recording captures sensitive form data. Consent bypass eliminates lawful basis for all processing.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Enrow

  • Audit localStorage/IndexedDB for persistent identifiers
  • Confirm consent before enrichment tracking
  • Review data retention: can users delete persistent tracking?

If You're Evaluating Enrow

  • Test with privacy browser: does tracking survive cookie deletion?
  • Ask: what data persists in localStorage?
  • Verify privacy policy discloses persistent tracking mechanisms

Negotiation Leverage

  • C13 persistence via localStorage survives cookie deletion. How do users exercise deletion rights?
  • C07 session recording captures email entry. Is this disclosed in privacy policy?
  • C09 consent bypass eliminates lawful basis for processing. How do you enforce consent-first operation?
Runtime Detections

Runtime Detections

3 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C07Session Recording

Full session replay

BTI-C09Consent Bypass

Ignoring CMP signals

BTI-C15Tag Manager

Container/loader (neutral)

IOC Manifest

IOC Manifest

15 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*www.enrow.com/js/fitty.js*
Tracking script
TRACK
*www.enrow.com/odf/js/odf.js*
Tracking script
TRACK
www.enrow.com/js/fitty.min.js
Auto-extracted from scan
TRACK
www.enrow.com/odf/js/odf.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Email verification + B2B prospecting stack. Often paired with Clearbit, ZoomInfo, email validation APIs. Persistence mechanisms enable long-term tracking.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

16 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details