Koddi

Koddi operates demand-side platform infrastructure with aggressive behavioral targeting achieving 100/100 CAC subsidization through bid stream data monetization. Six BTI codes including consent bypass create maximum 100/100 legal exposure while feeding programmatic intelligence networks.

54 IOCs · 14 detections · 29% pre-consent · 13 sites
Vendor Risk Score: 80

How This Briefing Works

This report opens with key findings, then maps the gaps between what Koddi discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

14 detections across 13 sites · 29% pre-consent activity
HIGH

Pre-Consent Activity

Koddi was observed loading and executing before user consent was obtained on 29% of sites where it was detected.

GDPR, ePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gap

pending

UNKNOWN
They Claim: Unknown

Observed Behavior: Requires claims extraction via CDT

Customer Impact

What This Means For You

Media buyers lose competitive advantage as bid strategies leak through auction participation. Data teams discover targeting segments in competitor campaigns within hours. Legal inherits maximum GDPR/CCPA exposure from bid stream data sharing. CFO faces direct revenue leakage as every auction subsidizes competitor intelligence gathering.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Koddi

  • Audit bid stream data sharing clauses in Koddi DPA—broad syndication rights documented
  • Extract auction logs showing user data exposure to competing bidders
  • Map targeting segments to competitor programmatic campaign appearance

If You're Evaluating Koddi

  • Quantify bid strategy leakage through win rate correlation analysis
  • Calculate CAC increase from competitor bid optimization using your data
  • Document GDPR Article 6 violations from processing without lawful basis

Negotiation Leverage

  • Koddi bid stream participation exposes user data to 50-200 bidders per impression—uncontrolled syndication
  • 100/100 CAC subsidization as every auction trains competitor targeting models
  • Consent bypass (C09) initiates auction before user authorization—GDPR violations timestamped
  • Cross-domain sync (C08) creates distributed surveillance network across programmatic ecosystem
  • Behavioral biometrics (C06) expose granular intent signals competitors use for conquest campaigns
  • 100/100 legal exposure represents maximum regulatory risk in programmatic advertising
  • Evidence pack includes bid stream captures showing data exposure to competitor DSPs
Runtime Detections

6 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C01: Defeat Device

Evasion infrastructure, auditor bypass

Impact: Programmatic pixels bypass browser privacy controls through auction participation

BTI-C06: Behavioral Biometrics

Keystroke/mouse tracking

Impact: Real-time user intent signals captured from page context and interaction patterns

BTI-C07: Session Recording

Full session replay

Impact: Auction context includes page content and user journey state for targeting refinement

BTI-C08: Cross-Domain Sync

Identity stitching

Impact: Bid stream data shared across all auction participants creates distributed tracking network

BTI-C09: Consent Bypass

Ignoring CMP signals

Impact: Auction participation initiates on page load before consent resolution

BTI-C10: Fingerprinting

Device identification

Impact: Device and browser fingerprints enable cross-session bid optimization

IOC Manifest

46 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

Ecosystem

Ecosystem & Supply Chain

Koddi integrates with Google Ad Manager and major SSPs, creating programmatic auction chains where every impression exposes user data to 50-200 bidders. Common in travel and retail where margin pressure drives aggressive programmatic deployment.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

54 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details