How This Briefing Works
This report opens with key findings, then maps the gaps between what Unify Intent discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.
Key Findings
Claims vs. Observed Behavior
pending
“Requires claims extraction via CDT”
Live website analysis pending
What This Means For You
What To Do About It
Role-specific actions based on observed behavior
If You're Evaluating Unify Intent
- →First-party lead capture (gated content, email signup)
- →Reverse IP lookup for company-level (not individual) identification
- →Privacy-respecting analytics (Plausible, Fathom)
Negotiation Leverage
- →40% broker score means identified visitor data flows to other Unify customers, including potential competitors
- →Identity resolution without consent creates GDPR lawful basis gaps — legitimate interest claims face increasing regulatory rejection
- →Visitor de-anonymization violates privacy expectations, creating reputational risk when exposed
Runtime Detections
BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.
Ignoring CMP signals
PII deanonymization
Impact: Anonymous website visitors matched to corporate databases and enriched profiles, converting privacy-preserving browsing into identified surveillance.
IOC Manifest
Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.
No indicators in this category
Ecosystem & Supply Chain
Evidence Artifacts
Artifacts collected during analysis, available with evidence-tier access.
Complete network capture with all requests and responses
7 detection signatures across scripts, domains, cookies, and network endpoints