All Vendors
platform

Screenshotone

Screenshotone exhibits visual surveillance capabilities with behavioral biometrics, session recording, and consent bypass. Screenshot infrastructure creates unique privacy threat when visual capture activates before consent resolution.

77 IOCs1 detections100% pre-consent1 sites
70
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Screenshotone discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

1 detection across 1 site100% pre-consent activity
CRITICAL

Pre-Consent Activity

Screenshotone was observed loading and executing before user consent was obtained on 100% of sites where it was detected.

GDPRePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

visual_surveillance

HIGH
They Claim

Pending claims extraction

Observed Behavior

Runtime shows visual capture active before consent with behavioral tracking

Customer Impact

What This Means For You

Teams gain screenshot capabilities but expose visual content through behavioral tracking and session recording (Reaper). Legal teams face consent bypass liability from pre-consent visual capture. Security teams must evaluate privacy exposure from screenshot infrastructure capturing sensitive visual data.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Screenshotone

  • Audit screenshot trigger timing against consent framework
  • Map visual capture scope and content sensitivity
  • Document session recording integration with screenshot infrastructure
  • Verify DPA covers visual data capture and privacy requirements

If You're Evaluating Screenshotone

  • Require consent-first screenshot activation with visual capture disabled pre-consent
  • Demand disclosure of visual data retention and processing methodology
  • Negotiate liability provisions covering visual privacy violations
  • Evaluate screenshot alternatives with consent-aware triggering

Negotiation Leverage

  • C06+C07+C09 visual surveillance: Demand DPA rewrite requiring consent before ANY visual capture
  • Request written confirmation of consent-gated screenshot activation
  • Require audit rights covering visual data handling and retention
  • Negotiate data retention limits for screenshot and visual capture data
Runtime Detections

Runtime Detections

3 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C06Behavioral Biometrics

Keystroke/mouse tracking

BTI-C07Session Recording

Full session replay

BTI-C09Consent Bypass

Ignoring CMP signals

IOC Manifest

IOC Manifest

73 INDICATORS

Indicators of compromise across 3 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*screenshotone.com/_astro/page.B1D-nYk3.js*
Tracking script
TRACK
*screenshotone.com/_astro/ec.8zarh.js*
Tracking script
TRACK
*screenshotone.com/_astro/client.DtaPL1Nt.js*
Tracking script
TRACK
*screenshotone.com/scripts/animation.js*
Tracking script
TRACK
*screenshotone.com/_astro/HeaderNavigationMenu.zOYBRBog.js*
Tracking script
TRACK
*screenshotone.com/_astro/index.CYBVpogK.js*
Tracking script
TRACK
*screenshotone.com/_astro/clsx.DMx7G6dA.js*
Tracking script
TRACK
*screenshotone.com/_astro/index.oGHbXFJ7.js*
Tracking script
TRACK
*screenshotone.com/_astro/index.D7X-o_SW.js*
Tracking script
TRACK
*screenshotone.com/_astro/index.B8VZFjbg.js*
Tracking script
TRACK
*ph.screenshotone.com/static/array.js*
Tracking script
TRACK
*ph.screenshotone.com/array/phc_iW83nUdM7AoQzGtU7JbP8xrCvV46BGMlNVTKKFcsJ53/config.js*
Tracking script
TRACK
*ph.screenshotone.com/static/surveys.js*
Tracking script
TRACK
screenshotone.com/_astro/page.B1D-nYk3.js
Auto-extracted from scan
TRACK
ph.screenshotone.com/static/array.js
Auto-extracted from scan
TRACK
screenshotone.com/_astro/ec.8zarh.js
Auto-extracted from scan
TRACK
screenshotone.com/scripts/animation.js
Auto-extracted from scan
TRACK
screenshotone.com/_astro/HeaderNavigationMenu.zOYBRBog.js
Auto-extracted from scan
TRACK
screenshotone.com/_astro/client.DtaPL1Nt.js
Auto-extracted from scan
TRACK
screenshotone.com/_astro/index.oGHbXFJ7.js
Auto-extracted from scan
TRACK
screenshotone.com/_astro/index.B8VZFjbg.js
Auto-extracted from scan
TRACK
screenshotone.com/_astro/clsx.DMx7G6dA.js
Auto-extracted from scan
TRACK
screenshotone.com/_astro/index.D7X-o_SW.js
Auto-extracted from scan
TRACK
screenshotone.com/_astro/index.CYBVpogK.js
Auto-extracted from scan
TRACK
ph.screenshotone.com/array/phc_iW83nUdM7AoQzGtU7JbP8xrCvV46BGMlNVTKKFcsJ53/config.js
Auto-extracted from scan
TRACK
ph.screenshotone.com/static/surveys.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Screenshotone operates in visual capture layer, often integrated with monitoring, testing, or analytics platforms. Screenshot infrastructure creates unique privacy exposure when visual capture includes sensitive content. Co-deployment with session recording vendors multiplies visual surveillance surface.
Loads (1)
Crisp
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

77 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details