How This Briefing Works
This report opens with key findings, then maps the gaps between what Liquidm discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.
Key Findings
Analysis pending. Findings will appear here once intelligence collection is complete.
Claims vs. Observed Behavior
Pending Analysis
“Claims extraction pending”
CDT analysis needed — DSPs deploy cross-domain sync and cookie matching infrastructure
What This Means For You
What To Do About It
Role-specific actions based on observed behavior
If You Use Liquidm
- →monitor for scanner detections
- →audit programmatic tag deployment
If You're Evaluating Liquidm
- →recon investigation for cross-domain sync and cookie matching behavior
Negotiation Leverage
- →Baseline detection only — DSPs require behavioral analysis for accurate risk assessment
- →Demand-side platforms operate extensive cross-domain tracking by design
- →Review bid stream data sharing and audience segment retention policies
IOC Manifest
Indicators of compromise across 2 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.
No indicators in this category
Ecosystem & Supply Chain
Evidence Artifacts
Artifacts collected during analysis, available with evidence-tier access.
Complete network capture with all requests and responses
3 detection signatures across scripts, domains, cookies, and network endpoints