Run Your First Scan
This guide walks through manually initiating a scan and interpreting results.
Scan Types
Quick Scan
- Homepage only
- ~30 seconds
- Good for initial assessment
Full Scan
- Homepage + configured page types
- ~2-5 minutes
- Comprehensive coverage
Deep Scan
- All discovered pages
- ~10-30 minutes
- Maximum coverage, higher resource usage
Initiating a Scan
From Console
- Navigate to your site in Sites
- Click the Scan button
- Select scan type
- Click Start Scan
From Command Line
# Using the BLACKOUT scanner directly
node scanner.js --url https://example.com --output results.jsonWhat the Scanner Detects
During each scan, BLACKOUT captures:
| Category | What's Detected |
|---|---|
| Scripts | All JavaScript loaded (first and third-party) |
| Cookies | Cookie names, values, domains, expiration |
| Network | All HTTP requests with full request/response data |
| Storage | localStorage, sessionStorage, IndexedDB access |
| Consent | Consent banner interactions and timing |
Understanding Results
Detection Structure
{
"vendor_id": "rb2b",
"vendor_name": "RB2B",
"bti_categories": ["visitor_identification", "crm_enrichment"],
"confidence": 95,
"evidence": {
"script_urls": ["https://tag.rb2b.com/..."],
"cookies_set": ["_rb2b_session"],
"data_exfil": ["email", "company"]
}
}Evidence Fields
- script_urls: Where the vendor's code loaded from
- cookies_set: Cookies created by this vendor
- data_exfil: Data observed leaving to vendor domains
- piggyback_chain: Other vendors loaded by this vendor
Scan States
| State | Meaning |
|---|---|
queued | Waiting in scan queue |
running | Scan in progress |
completed | Scan finished successfully |
failed | Scan encountered an error |
⚠️
Scans may fail if the target site blocks headless browsers or requires authentication.
Next Steps
- Understanding Findings — Deep dive into detection results
- Drift Detection — Monitor for changes over time