All Vendors
attribution

Rockerbox

Multi-touch attribution platform with aggressive device fingerprinting and cross-site tracking. High CAC subsidization risk through demand signal leakage.

116 IOCs57 detections7% pre-consent55 sites
80
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Rockerbox discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

57 detections across 55 sites7% pre-consent activity
MEDIUM

Pre-Consent Activity

Rockerbox was observed loading and executing before user consent was obtained on 7% of sites where it was detected.

GDPRePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

pending

UNKNOWN
They Claim

Unknown

Observed Behavior

Requires claims extraction via CDT

Customer Impact

What This Means For You

Marketing teams rely on attribution data for budget allocation. If Rockerbox tracking is blocked by 40%+ of visitors, your attribution model systematically undervalues top-of-funnel channels. Meanwhile, your prospect behavior trains competitors' models through shared attribution network.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Rockerbox

  • Audit consent implementation - verify tracking starts AFTER opt-in
  • Request data processing addendum with cross-domain tracking limitations
  • Implement server-side attribution as alternative to client-side fingerprinting
  • Monitor blocking rates via Privacy Sandbox APIs to quantify signal loss

If You're Evaluating Rockerbox

  • Server-side attribution platforms (Northbeam, Hyros)
  • First-party data warehousing with custom attribution models
  • Privacy-preserving attribution (Google Privacy Sandbox Aggregate API)

Negotiation Leverage

  • Attribution accuracy depends on tracking coverage - ask vendor to quantify signal loss from privacy controls
  • DPA must restrict cross-customer data use - your prospects should not train competitor models
  • Require consent-first architecture or contract limits liability transfer
  • Platform creates measurement distortion AND CAC subsidy - price should reflect dual risk
Runtime Detections

Runtime Detections

4 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C01Defeat Device

Evasion infrastructure, auditor bypass

BTI-C08Cross-Domain Sync

Identity stitching

Impact: Cross-site tracking enables profile building across properties without user knowledge, triggering GDPR Article 35 (DPIA requirement).

BTI-C09Consent Bypass

Ignoring CMP signals

Impact: Tracking initiates before consent collection, creating liability for unlawful processing under Article 6 GDPR.

BTI-C10Fingerprinting

Device identification

Impact: Browser fingerprinting without consent violates ePrivacy Directive. Creates enforceable violations under GDPR Article 21 (right to object).

IOC Manifest

IOC Manifest

95 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*www.rockerbox.com/hubfs/hub_generated/template_assets/1/*/*/template_main.js*
Tracking script
TRACK
*www.rockerbox.com/hubfs/hub_generated/module_assets/1/*/*/module_Navigation.js*
Tracking script
TRACK
*www.rockerbox.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js*
Tracking script
TRACK
*www.rockerbox.com/hubfs/hub_generated/module_assets/1/*/*/module_Recent_Posts_Tag_Module_-_Home.js*
Tracking script
TRACK
*www.rockerbox.com/hubfs/hub_generated/template_assets/1/*/*/template_animations-wcs-new.js*
Tracking script
TRACK
*www.rockerbox.com/hs/scriptloader/*.js*
Tracking script
TRACK
*www.rockerbox.com/hs/hsstatic/HubspotToolsMenu/static-1.432/js/index.js*
Tracking script
TRACK
*www.rockerbox.com/hs/hsstatic/content-cwv-embed/static-1.*/embed.js*
Tracking script
TRACK
www.rockerbox.com/hs/hsstatic/content-cwv-embed/static-1.1293/embed.js
Auto-extracted from scan
TRACK
www.rockerbox.com/hubfs/hub_generated/template_assets/1/81379686060/1765989007316/template_main.min.js
Auto-extracted from scan
TRACK
www.rockerbox.com/hubfs/hub_generated/template_assets/1/86599480886/1765989002536/template_animations-wcs-new.min.js
Auto-extracted from scan
TRACK
www.rockerbox.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Auto-extracted from scan
TRACK
www.rockerbox.com/hubfs/hub_generated/module_assets/1/81830959379/1742093260187/module_Navigation.min.js
Auto-extracted from scan
TRACK
www.rockerbox.com/hubfs/hub_generated/module_assets/1/153635528029/1745341751166/module_Recent_Posts_Tag_Module_-_Home.min.js
Auto-extracted from scan
TRACK
www.rockerbox.com/hs/scriptloader/4306380.js
Auto-extracted from scan
TRACK
www.rockerbox.com/hs/hsstatic/HubspotToolsMenu/static-1.432/js/index.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Integrates with Google Analytics, Facebook Ads, Salesforce. Data flows to attribution models shared across customer base. Requires pixel deployment across all marketing touchpoints.
Loads (1)
Hubspot
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

116 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details