All Vendors
analytics

Dreamdata

Dreamdata (B2B attribution) exhibits consent bypass (C09) and tag manager deployment (C15). Intelligence gathering begins pre-consent; tag manager grants capability expansion post-deployment.

12 IOCs69 detections14% pre-consent54 sites
70
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Dreamdata discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

69 detections across 54 sites14% pre-consent activity
MEDIUM

Pre-Consent Activity

Dreamdata was observed loading and executing before user consent was obtained on 14% of sites where it was detected.

GDPRePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

pending

UNKNOWN
They Claim

Unknown - requires claims extraction via CDT

Observed Behavior

Runtime evidence shows C09/C15 patterns

Customer Impact

What This Means For You

Tag manager (C15) = capability drift. You audit contract, but vendor can add tracking partners later via tag updates. Privacy policy becomes outdated immediately; you cannot maintain accurate third-party vendor list.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Dreamdata

  • Request tag manager configuration audit
  • Confirm consent before Dreamdata script loads
  • Review contract for tag update notification requirements

If You're Evaluating Dreamdata

  • Ask: what tags are currently deployed via Dreamdata container?
  • Test: does Dreamdata load before consent banner interaction?
  • Verify privacy policy discloses tag manager third-party loading capability

Negotiation Leverage

  • C15 tag manager means you cannot audit current capabilities from initial review. What tags are deployed today?
  • C09 consent bypass observed. What technical controls enforce consent-first tracking?
  • Tag manager enables post-deployment vendor additions. Does contract require notification before new tags?
Runtime Detections

Runtime Detections

2 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C09Consent Bypass

Ignoring CMP signals

BTI-C15Tag Manager

Container/loader (neutral)

IOC Manifest

IOC Manifest

10 INDICATORS

Indicators of compromise across 5 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

EXFIL
cdn.dreamdata.cloud/scripts/analytics
Data collection endpoint
Ecosystem

Ecosystem & Supply Chain

B2B attribution stack. Often paired with Salesforce, HubSpot, 6sense. Tag manager architecture means Dreamdata can load additional vendors post-deployment without your knowledge.
Loaded By (1)
Criteo
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

12 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details