
Quantcast

Quantcast represents maximum Four Horsemen convergence: Oracle corruption through probabilistic modeling, Broker control via bidstream exposure, Reaper surface through persistent tracking, and Counselor violations via systematic consent bypass. The vendor BLACKOUT was built to expose.

76 IOCs | 4 detections | 100% pre-consent | 3 sites
Vendor Risk Score: 70

How This Briefing Works

This report opens with key findings, then maps the gaps between what Quantcast discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

4 detections across 3 sites | 100% pre-consent activity
CRITICAL

Pre-Consent Activity

Quantcast was observed loading and executing before user consent was obtained on 100% of sites where it was detected.

GDPR, ePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gap

comprehensive_surveillance

CRITICAL
They Claim

Pending claims extraction

Observed Behavior

Runtime shows all 6 threat codes active simultaneously before consent

Customer Impact

What This Means For You

Marketing teams gain measurement capabilities corrupted by probabilistic modeling (Oracle). Visitor behavior feeds competitor intelligence via bidstream (Broker). Comprehensive tracking creates maximum regulatory exposure (Reaper). Consent bypass activates all threats simultaneously (Counselor). This is why BLACKOUT exists.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Quantcast

  • Immediate audit of all Quantcast contracts for consent language
  • Map complete data flow including bidstream participants
  • Calculate total exposure from persistent cross-domain tracking
  • Document consent bypass timing across all components

If You're Evaluating Quantcast

  • This should not be in evaluation. This should be in removal planning.
  • If required for measurement: Demand consent-first activation with ZERO pre-consent processing
  • Require bidstream exclusivity preventing competitor access
  • Negotiate liability caps covering regulatory penalties from detected violations

Negotiation Leverage

  • Six active BTI codes: This is the threat profile BLACKOUT was built to expose
  • C09 across ALL components: Demand DPA rewrite requiring consent-first activation or accept unlimited liability
  • C07+C08+C13: Require complete visitor data deletion within 24hr of revoked consent
  • Broker exposure: Demand written confirmation that NO visitor data enters bidstream accessible to competitors
  • If renewal required: Treat as comprehensive surveillance infrastructure, not measurement tool
  • Alternative: Replace with consent-respecting measurement (Plausible, Fathom) + first-party attribution
Runtime Detections

6 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C06 Behavioral Biometrics

Keystroke/mouse tracking

BTI-C07 Session Recording

Full session replay

BTI-C08 Cross-Domain Sync

Identity stitching

BTI-C09 Consent Bypass

Ignoring CMP signals

BTI-C13 Persistence Mechanisms

Long-lived identifiers

BTI-C15 Tag Manager

Container/loader (neutral)

IOC Manifest

67 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

Ecosystem

Ecosystem & Supply Chain

Quantcast operates at infrastructure level, often deployed via GTM as measurement foundation. Feeds data to advertising platforms, DMPs, and analytics vendors. Creates single point of failure where compromise exposes entire visitor dataset. Frequently co-deployed with other surveillance vendors, multiplying exposure.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

76 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details