All Vendors
measurement

Peer39

Peer39 is a measurement vendor with a VRS of 80, flagged for 6 BTI codes including cross-domain sync (C08), consent bypass (C09), and tag injection (C15). The platform deploys contextual intelligence and brand safety measurement while generating moderate signal corruption (40), maximal cost attribution exposure (100), and full legal tail risk (100).

107 IOCs114 detections4% pre-consent111 sites
80
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Peer39 discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

114 detections across 111 sites4% pre-consent activity
MEDIUM

Pre-Consent Activity

Peer39 was observed loading and executing before user consent was obtained on 4% of sites where it was detected.

GDPRePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

pending

UNKNOWN
They Claim

Unknown

Observed Behavior

Requires claims extraction via CDT

Customer Impact

What This Means For You

Advertising teams face three core risks: (1) Contextual misclassification distorts campaign performance by blocking safe inventory or allowing brand-unsafe placements, making media efficiency metrics unreliable. (2) Full bidstream visibility reveals targeting strategy, audience segments, and bid behavior to Peer39 infrastructure—intelligence that could inform competitor targeting or vendor product development. (3) Cross-domain tracking with consent bypass creates GDPR/CCPA liability that compliance teams cannot mitigate without removing the vendor from programmatic workflow.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Peer39

  • Require data processing addendum with explicit cross-domain tracking disclosure
  • Demand classification methodology documentation to verify brand safety logic
  • Implement bid filtering transparency to understand what inventory is blocked and why
  • Configure measurement to minimize PII exposure in bidstream data
  • Establish retention limits for behavioral fraud detection profiles

If You're Evaluating Peer39

  • Test consent framework integration to confirm tags respect opt-out preferences
  • Verify geographic data processing boundaries for GDPR compliance
  • Review identity sync mechanisms for fingerprinting and persistent tracking
  • Assess data flows to third-party verification and analytics platforms
  • Request disclosure of secondary data use for vendor intelligence or product development

Negotiation Leverage

  • Peer39 deploys cross-domain tracking and consent bypass across your programmatic inventory—demand contractual liability protection for regulatory violations and explicit DPA terms
  • Full bidstream visibility exposes campaign strategy and media valuation to vendor infrastructure—negotiate limits on secondary data use for competitive intelligence or platform analytics
  • Contextual classification accuracy directly impacts media efficiency but methodology is opaque—require classification appeal process and transparency into what inventory gets blocked
  • Tag manager architecture allows measurement scope changes without advertiser approval—establish change control and measurement audit rights
  • Legal tail risk is 100% with no full technical mitigation—evaluate whether brand safety value justifies regulatory exposure or consider privacy-respecting measurement alternatives
Runtime Detections

Runtime Detections

6 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C01Defeat Device

Evasion infrastructure, auditor bypass

Impact: Peer39 can detect brand safety audits and alter content classification during testing, masking actual deployment behavior.

BTI-C06Behavioral Biometrics

Keystroke/mouse tracking

Impact: Ad interaction patterns (viewability time, scroll depth, engagement signals) create behavioral profiles for fraud detection and targeting.

BTI-C08Cross-Domain Sync

Identity stitching

Impact: Identity synchronization across publisher properties enables visitor tracking throughout the programmatic ecosystem.

BTI-C09Consent Bypass

Ignoring CMP signals

Impact: Measurement tags fire regardless of consent state, processing visitor data before or without user permission.

BTI-C10Fingerprinting

Device identification

Impact: Device and environment fingerprinting creates persistent identifiers for fraud detection and cross-site tracking.

BTI-C15Tag Manager

Container/loader (neutral)

Impact: Dynamic tag deployment allows real-time modification of measurement scope across publisher inventory without advertiser review.

IOC Manifest

IOC Manifest

83 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*www.peer39.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js*
Tracking script
TRACK
*www.peer39.com/hubfs/hub_generated/template_assets/1/*/*/template_child.js*
Tracking script
TRACK
*www.peer39.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js*
Tracking script
TRACK
*www.peer39.com/hubfs/hub_generated/template_assets/1/*/*/template_jquery-modal-min.js*
Tracking script
TRACK
*www.peer39.com/hs/hsstatic/content-cwv-embed/static-1.*/embed.js*
Tracking script
TRACK
*www.peer39.com/hubfs/hub_generated/template_assets/1/*/*/template_slick-slider-min.js*
Tracking script
TRACK
*www.peer39.com/hubfs/hub_generated/template_assets/1/*/*/template_clean-pro.js*
Tracking script
TRACK
*www.peer39.com/_hcms/forms/v2.js*
Tracking script
TRACK
*www.peer39.com/hs/hsstatic/HubspotToolsMenu/static-1.624/js/index.js*
Tracking script
TRACK
*www.peer39.com/hs/scriptloader/*.js*
Tracking script
TRACK
www.peer39.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Auto-extracted from scan
TRACK
www.peer39.com/hs/hsstatic/content-cwv-embed/static-1.1293/embed.js
Auto-extracted from scan
TRACK
www.peer39.com/hubfs/hub_generated/template_assets/1/191345003797/1771607374217/template_clean-pro.min.js
Auto-extracted from scan
TRACK
www.peer39.com/hubfs/hub_generated/template_assets/1/191345099948/1771607371830/template_jquery-modal-min.min.js
Auto-extracted from scan
TRACK
www.peer39.com/hubfs/hub_generated/template_assets/1/195516857603/1771607358300/template_child.min.js
Auto-extracted from scan
TRACK
www.peer39.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Auto-extracted from scan
TRACK
www.peer39.com/hubfs/hub_generated/template_assets/1/191345403776/1771607360526/template_slick-slider-min.min.js
Auto-extracted from scan
TRACK
www.peer39.com/_hcms/forms/v2.js
Auto-extracted from scan
TRACK
www.peer39.com/hs/scriptloader/6280585.js
Auto-extracted from scan
TRACK
www.peer39.com/hs/hsstatic/HubspotToolsMenu/static-1.624/js/index.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Peer39 integrates with DSPs (The Trade Desk, DV360), SSPs, and ad verification platforms. The vendor receives bidstream data from programmatic infrastructure while generating contextual and safety signals that influence bid filtering. Integration architecture exposes campaign strategy, targeting parameters, and inventory valuation to vendor analytics, potentially revealing competitive intelligence to other platform participants.
Loads (3)
MetapixelLinkedinHubspot
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

107 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details