All Vendors
fraud_detection
Adquality

Adquality

AdQuality, a French digital marketing agency within BAE Groupe, claims it does not sell or share data with third parties while running 31 distinct third-party vendors on its site — including competitive intelligence tools TrenDemon, HGInsights, and Firmable.

189 IOCs43 detections2% pre-consent42 sites
80
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Adquality discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

43 detections across 42 sites2% pre-consent activity1 critical disclosure gap
CRITICAL

Disclosure Gap

31 distinct third-party vendors detected on site

GDPR Art 13GDPR Art 14ePrivacy Directive
MEDIUM

Pre-Consent Activity

Adquality was observed loading and executing before user consent was obtained on 2% of sites where it was detected.

GDPRePrivacy
HIGH

No-Share Claim Violation

31 vendors receive data from site visitors

GDPR Art 5(1)(a)Consumer Protection Laws
HIGH

Undisclosed Party

Not in privacy policy

HIGH

Undisclosed Sharing

Hidden data recipients

Disclosure Gaps

Claims vs. Observed Behavior

3 gaps
1 CRIT1 HIGH1 MED
Classified:BTI-X01BTI-X02BTI-X05

Disclosure Gap

GDPR Art 13 · GDPR Art 14 · ePrivacy DirectiveCRITICAL
They Claim

Privacy policy mentions only generic web hosting provider

Observed Behavior

31 distinct third-party vendors detected on site

Runtime scan of adquality.fr detected DoubleClick, GoogleAds, GA4, TrenDemon, HGInsights, Firmable, and 25 other vendors

No-Share Claim Violation

GDPR Art 5(1)(a) · Consumer Protection LawsHIGH
They Claim

Nous ne vendons ni ne partageons vos informations avec des tiers (We do not sell or share with third parties)

Observed Behavior

31 vendors receive data from site visitors

Third-party scripts actively loading and transmitting data

Customer Impact

What This Means For You

YOUR campaign data managed through AdQuality flows through a vendor ecosystem of 31 while their privacy policy mentions only a generic web hosting provider. YOUR advertising performance metrics — which campaigns convert, which audiences engage, which creatives perform — pass through a platform with undisclosed connections to TrenDemon, HGInsights, and Firmable competitive intelligence tools. YOUR trust in their no data sharing claim is contradicted by 31 vendors detected at runtime. Under GDPR, YOUR records of processing must account for AdQuality's actual vendor chain, not their single generic disclosure.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Adquality

  • Request complete list of all third-party vendors they deploy on your properties
  • Audit your site for undisclosed trackers after their implementation
  • Require contractual disclosure obligations for all data recipients including TrenDemon, HGInsights, and Firmable
  • Review data processing agreement scope against 31 detected vendors

If You're Evaluating Adquality

  • Request complete vendor list and compare against the single generic disclosure before signing
  • Verify the no data sharing claim against runtime evidence showing 31 third-party vendors
  • Compare with other French agencies on vendor transparency and GDPR compliance
  • Require contractual representations matching their no data sharing marketing claim

Negotiation Leverage

  • No data sharing claim: AdQuality claims no third-party data sharing while 31 vendors detected — use this direct contradiction to negotiate contractual representations with penalties
  • Competitive intelligence vendors: TrenDemon, HGInsights, and Firmable on adquality.fr — use this to negotiate restrictions on campaign intelligence flowing to competitive tools
  • 31-vendor disclosure gap: Only generic web hosting mentioned — require complete named vendor disclosure as a contract condition
  • BAE Groupe subsidiary: Data flows may extend beyond AdQuality — negotiate restrictions on data sharing within the BAE Groupe corporate family
Runtime Detections

Runtime Detections

6 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C01Defeat Device

Evasion infrastructure, auditor bypass

BTI-C06Behavioral Biometrics

Keystroke/mouse tracking

BTI-C07Session Recording

Full session replay

BTI-C09Consent Bypass

Ignoring CMP signals

BTI-C10Fingerprinting

Device identification

BTI-C15Tag Manager

Container/loader (neutral)

IOC Manifest

IOC Manifest

185 INDICATORS

Indicators of compromise across 3 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*adquality.fr/wp-includes/js/jquery/jquery-migrate.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/case-addons/assets/js/libs/waypoints.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/case-addons/assets/js/libs/isotope.pkgd.js*
Tracking script
TRACK
*adquality.fr/wp-includes/js/jquery/jquery.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/case-addons/assets/js/main.js*
Tracking script
TRACK
*adquality.fr/wp-includes/js/dist/hooks.js*
Tracking script
TRACK
*adquality.fr/wp-includes/js/dist/i18n.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/contact-form-7/includes/swv/js/index.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/contact-form-7/includes/js/index.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/elements/assets/js/parallax.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/elements/assets/js/elementor.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/elements/assets/js/grid.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor/assets/js/webpack.runtime.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.js*
Tracking script
TRACK
*adquality.fr/wp-includes/js/jquery/ui/core.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/elements/assets/js/effects.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/woocommerce/js/woocommerce.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/menu.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor/assets/js/frontend.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/libs/nice-select.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/theme.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/libs/hover.umd.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor/assets/js/frontend-modules.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/libs/cookie.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/libs/modernizr.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/gsap/SplitText.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/libs/wow.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/libs/magnific-popup.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor-pro/assets/js/frontend.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor-pro/assets/js/elements-handlers.js*
Tracking script
TRACK
*adquality.fr/wp-includes/js/imagesloaded.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/gsap/ScrollTrigger.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/elements/assets/js/swiper.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/gsap/gsap.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/case-addons/assets/js/libs/swiper/swiper.js*
Tracking script
TRACK
*adquality.fr/wp-content/themes/mouno/assets/js/libs/threejs.js*
Tracking script
TRACK
*adquality.fr/wp-includes/js/wp-emoji-release.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor/assets/js/shared-frontend-handlers.*.bundle.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor/assets/js/video.*.bundle.js*
Tracking script
TRACK
*adquality.fr/wp-content/plugins/elementor/assets/js/text-editor.*.bundle.js*
Tracking script
TRACK
adquality.fr/wp-includes/js/jquery/jquery.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-includes/js/jquery/jquery-migrate.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/case-addons/assets/js/libs/waypoints.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/case-addons/assets/js/libs/isotope.pkgd.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/case-addons/assets/js/main.js
Auto-extracted from scan
TRACK
adquality.fr/wp-includes/js/dist/hooks.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-includes/js/dist/i18n.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/contact-form-7/includes/swv/js/index.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/contact-form-7/includes/js/index.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-includes/js/jquery/ui/core.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor/assets/js/frontend.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/case-addons/assets/js/libs/swiper/swiper.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-includes/js/imagesloaded.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/elements/assets/js/grid.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/elements/assets/js/elementor.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/elements/assets/js/parallax.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/elements/assets/js/effects.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/elements/assets/js/swiper.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/gsap/gsap.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/gsap/ScrollTrigger.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/libs/threejs.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/libs/hover.umd.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/libs/magnific-popup.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/libs/wow.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/libs/nice-select.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/libs/modernizr.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/woocommerce/js/woocommerce.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/theme.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/menu.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/gsap/SplitText.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/themes/mouno/assets/js/libs/cookie.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor-pro/assets/js/frontend.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-includes/js/wp-emoji-release.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor/assets/js/shared-frontend-handlers.4c8abccc3e268b0767b2.bundle.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor/assets/js/video.87291d1f5076f8939c18.bundle.min.js
Auto-extracted from scan
TRACK
adquality.fr/wp-content/plugins/elementor/assets/js/text-editor.abc8f59c62f2820dc25a.bundle.min.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

AdQuality operates as a subsidiary of BAE Groupe, a French digital marketing holding company founded by the same team in 2021. They position themselves as Google, Meta, and Microsoft certified partners for traffic acquisition. Their ecosystem footprint shows heavy reliance on Google stack (Ads, Analytics, DoubleClick, Tag Manager) plus connections to audience enrichment vendors (HGInsights, Firmable, TrenDemon), programmatic platforms (Sonobi, Connexity), and various advertising networks. As an agency, they likely deploy similar or more extensive vendor stacks on client properties.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

189 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details