Findymail

Findymail deploys pre-consent tracking infrastructure on customer websites, creating consent bypass liability. Zero Oracle/Broker risk, but Counselor violations trigger enforcement exposure.

61 IOCs | 1 detection | 100% pre-consent | 1 site

Vendor Risk Score: 70

How This Briefing Works

This report opens with key findings, then maps the gaps between what Findymail discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

1 detection across 1 site | 100% pre-consent activity
Severity: CRITICAL

Pre-Consent Activity

Findymail was observed loading and executing before user consent was obtained on 100% of sites where it was detected.

GDPR, ePrivacy

Disclosure Gaps

Claims vs. Observed Behavior

1 gap

Customer Impact

What This Means For You

Legal teams face consent bypass liability with zero operational benefit (tool provides backend enrichment, not website functionality). Marketing teams inherit GDPR violation risk without visibility into deployment method. Budget owners pay for capability that creates legal exposure through implementation approach.

Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Findymail

  • Verify deployment uses API-only integration (no website script)
  • Confirm sales team accesses Findymail portal directly, not via website tag
  • Request written confirmation that no client-side tracking occurs

If You're Evaluating Findymail

  • Require vendor to demonstrate API-only integration capability before contract
  • Demand contractual liability shift for any consent bypass violations
  • Evaluate alternative enrichment tools with confirmed backend-only architecture (Clearbit API, ZoomInfo API)

Negotiation Leverage

  • Findymail creates consent liability through website deployment when API integration eliminates need for client-side presence
  • Vendor must contractually guarantee API-only integration or assume 100% liability for consent violations
  • Request technical architecture review: if enrichment works without website tag, why does tag exist?
  • Comparable tools (Hunter API, Clearbit API) provide same capability without client-side deployment risk

Runtime Detections

1 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C09: Consent Bypass

Behavior: Ignoring CMP signals

Impact: Script loads and initializes before user consent, creating per-visitor violation liability. Enforcement agencies can assess fines based on total visitor counts, not actual data collected.

IOC Manifest

57 INDICATORS

Indicators of compromise across 3 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

  • TRACK: *www.findymail.com/js/main.js* (Tracking script)
  • TRACK: *www.findymail.com/cdn-cgi/scripts/*/cloudflare-static/email-decode.js* (Tracking script)
  • TRACK: *www.findymail.com/psible/js/script.js* (Tracking script)
  • TRACK: www.findymail.com/js/main.min.js (Auto-extracted from scan)
  • TRACK: www.findymail.com/psible/js/script.js (Auto-extracted from scan)
  • TRACK: www.findymail.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js (Auto-extracted from scan)

Ecosystem

Ecosystem & Supply Chain

Findymail operates in the B2B data enrichment space alongside Hunter, Lusha, and ZoomInfo. Unlike higher-risk competitors that deploy session replay or cross-domain syncing, Findymail maintains minimal runtime footprint. Primary integration: sales/marketing automation platforms for contact discovery.

Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

61 detection signatures across scripts, domains, cookies, and network endpoints
