Realytics | Vendor Intelligence

How This Briefing Works

This report opens with key findings, then maps the gaps between what Realytics discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

46 detections across 45 sites7% pre-consent activity

MEDIUM

Pre-Consent Activity

Realytics was observed loading and executing before user consent was obtained on 7% of sites where it was detected.

GDPRePrivacy

Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

tv_attribution

HIGH

They Claim

“Pending claims extraction”

Observed Behavior

Runtime shows full tracking suite active before consent for TV attribution

Customer Impact

What This Means For You

Marketing teams gain TV attribution corrupted by probabilistic modeling (Oracle). Cross-device sync exposes visitor behavior to TV ecosystem including media competitors (Broker). Consent bypass across five threat codes creates maximum regulatory risk (Counselor). RevOps faces measurement decisions based on synthetic attribution.

Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Realytics

→Audit TV attribution methodology for probabilistic vs deterministic matching
→Map cross-device data flow including TV ecosystem participants
→Document consent bypass scope across all tracking components
→Calculate measurement impact from consent-first activation

If You're Evaluating Realytics

→Require demonstration of consent-respecting TV attribution
→Demand written confirmation of data retention post-consent-revocation
→Negotiate exclusivity preventing TV match data sharing with competitors
→Evaluate server-side attribution alternatives

Negotiation Leverage

→Five active BTI codes: Demand DPA rewrite addressing each threat category
→C09 enabler: All tracking requires consent bypass for TV matching - negotiate unlimited liability or consent-first activation
→C08 exposure: Require disclosure of ALL cross-device sync partners and TV ecosystem participants
→Oracle corruption: Request technical validation of attribution model accuracy and synthetic path filtering
→Alternative: First-party TV attribution via promo codes + vanity URLs eliminates vendor dependency

Runtime Detections

5 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C06Behavioral Biometrics

Keystroke/mouse tracking

BTI-C07Session Recording

Full session replay

BTI-C08Cross-Domain Sync

Identity stitching

BTI-C09Consent Bypass

Ignoring CMP signals

BTI-C15Tag Manager

Container/loader (neutral)

IOC Manifest

149 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK

*www.realytics.io/wp-content/plugins/divi_module_slick/slick.js*

Tracking script

TRACK

*www.realytics.io/wp-includes/js/jquery/jquery-migrate.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/divi_module_slick/script.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.js*

Tracking script

TRACK

*www.realytics.io/wp-includes/js/jquery/jquery.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/monarch/js/idle-timer.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/monarch/js/custom.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/revslider/admin/includes/shortcode_generator/divi/scripts/frontend-bundle.js*

Tracking script

TRACK

*www.realytics.io/wp-content/themes/Divi/js/scripts.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/ajax-search-lite/js/min/plugin/merged/asl.js*

Tracking script

TRACK

*www.realytics.io/wp-includes/js/jquery/ui/core.js*

Tracking script

TRACK

*www.realytics.io/wp-includes/js/dist/hooks.js*

Tracking script

TRACK

*www.realytics.io/wp-content/uploads/pum/pum-site-scripts.js*

Tracking script

TRACK

*www.realytics.io/wp-content/themes/Divi/core/admin/js/common.js*

Tracking script

TRACK

*www.realytics.io/wp-content/themes/realytics/js/rss-feed.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor/assets/js/webpack.runtime.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor/assets/js/frontend.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor/assets/js/frontend-modules.js*

Tracking script

TRACK

*www.realytics.io/wp-includes/js/dist/i18n.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor-pro/assets/js/frontend.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor-pro/assets/js/elements-handlers.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/revslider/sr6/assets/js/rbtools.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/revslider/sr6/assets/js/rs6.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor/assets/js/section-frontend-handlers.*.bundle.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor/assets/js/text-editor.*.bundle.js*

Tracking script

TRACK

*www.realytics.io/wp-content/plugins/elementor/assets/js/shared-frontend-handlers.*.bundle.js*

Tracking script

TRACK

www.realytics.io/wp-includes/js/jquery/jquery.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-includes/js/jquery/jquery-migrate.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/divi_module_slick/slick.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/divi_module_slick/script.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/revslider/sr6/assets/js/rbtools.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/revslider/sr6/assets/js/rs6.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/monarch/js/idle-timer.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/monarch/js/custom.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/themes/Divi/js/scripts.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/ajax-search-lite/js/min/plugin/merged/asl.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/revslider/admin/includes/shortcode_generator/divi/scripts/frontend-bundle.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-includes/js/jquery/ui/core.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-includes/js/dist/hooks.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/uploads/pum/pum-site-scripts.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/themes/Divi/core/admin/js/common.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/themes/realytics/js/rss-feed.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor/assets/js/frontend-modules.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor/assets/js/frontend.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-includes/js/dist/i18n.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor-pro/assets/js/frontend.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor/assets/js/section-frontend-handlers.d85ab872da118940910d.bundle.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor/assets/js/shared-frontend-handlers.03caa53373b56d3bab67.bundle.min.js

Auto-extracted from scan

TRACK

www.realytics.io/wp-content/plugins/elementor/assets/js/text-editor.45609661e409413f1cef.bundle.min.js

Auto-extracted from scan

Ecosystem

Ecosystem & Supply Chain

Realytics operates in attribution layer, receiving data from ad servers (Google, Xandr) and feeding results to analytics platforms (Google Analytics, Adobe). Creates measurement dependency where TV attribution accuracy requires consent bypass, forcing Oracle-Counselor tradeoff. Often co-deployed with other cross-device vendors, multiplying synchronization exposure.

Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

158 detection signatures across scripts, domains, cookies, and network endpoints