How This Briefing Works
This report opens with key findings, then maps the gaps between what Influ2 discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.
Key Findings
Key Findings
6 detections across 6 sites83% pre-consent activity
CRITICAL
Pre-Consent Activity
Influ2 was observed loading and executing before user consent was obtained on 83% of sites where it was detected.
GDPRePrivacy
Disclosure Gaps
Claims vs. Observed Behavior
1 gaps
pending
UNKNOWN
They Claim
“Unknown”
Observed Behavior
Requires claims extraction via CDT
Customer Impact
What This Means For You
Marketing teams using Influ2 for person-based advertising inherit catastrophic liabilities: (1) Attribution corruption as individual-level ad tracking creates false precision in campaign effectiveness, (2) Targeting strategy exposure as person-level ad delivery reveals account lists and campaign priorities to competitors, (3) Severe GDPR exposure from identity resolution without consent creating per-impression violation risk. The platform's core value proposition—identifying who saw your ads—is fundamentally incompatible with privacy regulations.
Recommended Actions
What To Do About It
Role-specific actions based on observed behavior
If You Use Influ2
- →Immediately audit Influ2 deployment for consent bypass and identity resolution without user notification
- →Demand contractual prohibition on viewer identification data sharing across customer base
- →Request legal review of person-based advertising compliance with GDPR transparency requirements
- →If continuing use, implement explicit consent mechanism before identity resolution activates
If You're Evaluating Influ2
- →Consider whether person-based advertising benefits justify severe regulatory exposure and competitive intelligence leakage
- →Evaluate alternative ABM platforms using account-level targeting without individual identification
- →Request third-party audit of identity resolution methodology and data sharing practices
- →Assess whether platform's core functionality can be made GDPR-compliant or if architecture is fundamentally non-compliant
Negotiation Leverage
- →Influ2 VRS 80 = Broker (100) + Counselor (95) threat. Person-level ad targeting exposes campaign strategy to competitors. This is existential risk.
- →Identity resolution (BTI-C14) of ad viewers without consent = systematic GDPR violation. The platform's core value proposition violates privacy law.
- →Consent bypass (BTI-C09) demonstrates willful non-compliance. No technical remediation exists; platform architecture requires viewer identification without consent.
- →Cross-domain sync (BTI-C08) links ad impressions to website behavior, creating comprehensive surveillance. Individuals are tracked without notification.
- →Competitive intelligence exposure: If competitors use Influ2, they may observe which individuals see your ads, revealing target account lists.
- →Ask: What is the legal basis for ad viewer identification? How are individuals notified? What is the opt-out mechanism? Expect no satisfactory answers.
- →Recommendation: Legal review required before deployment. Platform's core functionality likely violates GDPR Articles 13-14. Consider contract termination.
Runtime Detections
Runtime Detections
5 BTI-C CODES
BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.
BTI-C06Behavioral Biometrics
Keystroke/mouse tracking
Impact: Mouse tracking and engagement patterns captured from ad impressions feed behavioral profiles used to identify individual viewers.
BTI-C08Cross-Domain Sync
Identity stitching
Impact: Cookie syncing across publishers and your website enables viewer tracking from initial ad impression through site conversion.
BTI-C09Consent Bypass
Ignoring CMP signals
Impact: Ad viewer identification continues without explicit user consent, violating foundational privacy rights and creating GDPR violation liability.
BTI-C14Identity Resolution
PII deanonymization
Impact: Linking anonymous ad impressions to named individuals enables persistent surveillance that users cannot detect or control, violating privacy expectations.
BTI-C15Tag Manager
Container/loader (neutral)
IOC Manifest
IOC Manifest
144 INDICATORS
Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.
TRACK
*www.influ2.com/_build/BhAxIsgX.js*
Tracking script
TRACK
*www.influ2.com/_build/DwWX4rlN.js*
Tracking script
TRACK
*www.influ2.com/_build/BArre8r9.js*
Tracking script
TRACK
*www.influ2.com/_build/YuiVpkpQ.js*
Tracking script
TRACK
*www.influ2.com/_build/C44SGZRm.js*
Tracking script
TRACK
*www.influ2.com/tracker*
Tracking script
TRACK
*www.influ2.com/_build/DQ7Vxrpm.js*
Tracking script
TRACK
*www.influ2.com/_payload.json*
Tracking script
TRACK
*www.influ2.com/_build/builds/meta/*-901a-4b35-a5f1-*.json*
Tracking script
TRACK
*www.influ2.com/_build/zgUvK7Ji.js*
Tracking script
TRACK
*www.influ2.com/_build/BpSTvRnv.js*
Tracking script
TRACK
*www.influ2.com/_build/Ck8Me6iM.js*
Tracking script
TRACK
*www.influ2.com/_build/DDagAjaY.js*
Tracking script
TRACK
*www.influ2.com/_build/DKcL7CXh.js*
Tracking script
TRACK
*www.influ2.com/_build/Dfxcq1qq.js*
Tracking script
TRACK
*www.influ2.com/_build/bxWh6z4C.js*
Tracking script
TRACK
*www.influ2.com/_build/4cSD8wJ_.js*
Tracking script
TRACK
*www.influ2.com/_build/Ky7DiP1d.js*
Tracking script
TRACK
*www.influ2.com/_build/DeO_ffSa.js*
Tracking script
TRACK
*www.influ2.com/_build/CRvp4bUb.js*
Tracking script
TRACK
*www.influ2.com/_build/Cg6jQ_4K.js*
Tracking script
TRACK
*www.influ2.com/_build/DqwwyNiv.js*
Tracking script
TRACK
*www.influ2.com/_build/_0a8RpPz.js*
Tracking script
TRACK
*www.influ2.com/product/_payload.json*
Tracking script
TRACK
*www.influ2.com/blog/_payload.json*
Tracking script
TRACK
*www.influ2.com/whats-new/_payload.json*
Tracking script
TRACK
*www.influ2.com/case-studies/_payload.json*
Tracking script
TRACK
*www.influ2.com/library/_payload.json*
Tracking script
TRACK
*www.influ2.com/about-us/_payload.json*
Tracking script
TRACK
*www.influ2.com/_build/Cn_DhCQ7.js*
Tracking script
TRACK
*www.influ2.com/_build/Bn5uYjaw.js*
Tracking script
TRACK
*www.influ2.com/product/contact-level-intent/_payload.json*
Tracking script
TRACK
*www.influ2.com/_build/3yt4mlsJ.js*
Tracking script
TRACK
*www.influ2.com/product/contact-level-ads/_payload.json*
Tracking script
TRACK
*www.influ2.com/_build/qG9NarsQ.js*
Tracking script
TRACK
*www.influ2.com/product/custom-buyer-journeys/_payload.json*
Tracking script
TRACK
*www.influ2.com/_build/CVzN3qgs.js*
Tracking script
TRACK
*www.influ2.com/product/revenue-reporting/_payload.json*
Tracking script
TRACK
*www.influ2.com/_build/CII2c3f6.js*
Tracking script
TRACK
*www.influ2.com/_build/DBjhpKTo.js*
Tracking script
TRACK
*www.influ2.com/forrester-contact-level-abm-report/_payload.json*
Tracking script
TRACK
www.influ2.com
Tracking script
TRACK
www.influ2.com/tracker
Auto-extracted from scan
TRACK
www.influ2.com/_build/DQ7Vxrpm.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/BhAxIsgX.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/DwWX4rlN.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/BArre8r9.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/YuiVpkpQ.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/C44SGZRm.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/zgUvK7Ji.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/Cg6jQ_4K.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/4cSD8wJ_.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/Ck8Me6iM.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/DDagAjaY.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/DqwwyNiv.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/Dfxcq1qq.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/BpSTvRnv.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/bxWh6z4C.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/DKcL7CXh.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/Ky7DiP1d.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/DeO_ffSa.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/CRvp4bUb.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/_0a8RpPz.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/Bn5uYjaw.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/Cn_DhCQ7.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/3yt4mlsJ.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/qG9NarsQ.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/CVzN3qgs.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/CII2c3f6.js
Auto-extracted from scan
TRACK
www.influ2.com/_build/DBjhpKTo.js
Auto-extracted from scan
Ecosystem
Ecosystem & Supply Chain
Influ2 operates within the account-based marketing ecosystem alongside Demandbase, 6sense, and RollWorks. The platform integrates with ad networks (LinkedIn, programmatic DSPs) and CRM systems to enable closed-loop tracking from ad impression to conversion. Identity resolution likely relies on data cooperative models where viewer identifications from one customer improve match rates for others, creating systematic competitive intelligence sharing.
Loads (1)
Evidence
Evidence Artifacts
Artifacts collected during analysis, available with evidence-tier access.
HAR Capture
Complete network capture with all requests and responses
IOC Manifest
144 detection signatures across scripts, domains, cookies, and network endpoints