All Vendors
dsp

Moloco

Programmatic advertising DSP with cross-domain tracking and persistent identity resolution feeding proprietary ad network.

8 IOCs1 detections1 sites
35
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Moloco discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

1 detection across 1 site
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

pending

UNKNOWN
They Claim

Requires claims extraction via CDT

Observed Behavior

Live website analysis pending

Customer Impact

What This Means For You

Marketing teams gain ML-driven campaign optimization but organization feeds visitor behavioral data directly to advertising platform. Every conversion tracked subsidizes Moloco's ability to target your prospects across their publisher network. Persistent tracking creates consent obligations that may conflict with privacy commitments and create regulatory exposure.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Moloco

  • Conversion API implementation to control data shared with Moloco platform
  • Server-side event forwarding to minimize client-side tracking footprint
  • Audience exclusion lists to prevent targeting of your first-party visitors

If You're Evaluating Moloco

  • Privacy Sandbox compatibility signals for future tracking evolution
  • First-party data clean room integration to limit raw data exposure
  • Alternative DSPs with transparent attribution and minimal client-side tracking

Negotiation Leverage

  • Request contractual limits on using your conversion data to train Moloco's ML models or enrich network-wide targeting
  • Demand transparency into downstream data sharing with publishers and SSP partners in their bidding ecosystem
  • Negotiate data residency commitments and explicit controls over cross-border data movement within Moloco infrastructure
Runtime Detections

Runtime Detections

2 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C08Cross-Domain Sync

Identity stitching

Impact: Synchronizes user identity across advertiser properties and publisher inventory to enable cross-site targeting and attribution

BTI-C13Persistence Mechanisms

Long-lived identifiers

Impact: Deploys aggressive storage persistence to maintain user tracking across privacy actions and browser sessions

IOC Manifest

IOC Manifest

3 INDICATORS

Indicators of compromise across 2 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

No indicators in this category

Ecosystem

Ecosystem & Supply Chain

Performance advertising DSP competing against Google DV360 and The Trade Desk in mobile and commerce categories. Part of programmatic infrastructure where advertiser tracking feeds network-wide intelligence.
Loads (1)
Onetrust
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

8 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details