All Vendors
platform

Upriver

Platform with pre-consent activation patterns.

54 IOCs7 detections100% pre-consent6 sites
70
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Upriver discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

7 detections across 6 sites100% pre-consent activity
CRITICAL

Pre-Consent Activity

Upriver was observed loading and executing before user consent was obtained on 100% of sites where it was detected.

GDPRePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

disclosure

HIGH
They Claim

Pending claims extraction

Observed Behavior

Runtime detection shows C09 (consent bypass)

Customer Impact

What This Means For You

Teams using Upriver face consent liability when platform components activate before user authorization. Pre-consent data capture creates compliance exposure requiring technical controls.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Upriver

  • Audit Upriver initialization timing relative to consent collection
  • Implement consent-gated platform feature activation
  • Review platform data collection scope and retention

If You're Evaluating Upriver

  • Document pre-consent activation patterns and data capture scope
  • Request technical controls to defer initialization until consent obtained
  • Obtain written confirmation of data deletion procedures

Negotiation Leverage

  • Pre-consent activation: Platform components initialize before consent — require technical mechanism to defer all features until authorization.
  • Data retention: Platform data persists beyond opt-out — demand specific deletion timelines and third-party sharing restrictions.
Runtime Detections

Runtime Detections

1 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C09Consent Bypass

Ignoring CMP signals

IOC Manifest

IOC Manifest

50 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*www.upriver.com/WebResource.axd*
Tracking script
TRACK
*www.upriver.com/cdn-cgi/challenge-platform/scripts/jsd/main.js*
Tracking script
TRACK
*www.upriver.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/*/main.js*
Tracking script
TRACK
www.upriver.com/WebResource.axd
Auto-extracted from scan
TRACK
www.upriver.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Auto-extracted from scan
TRACK
www.upriver.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Limited runtime intelligence available. Platform nature suggests integration with broader SaaS ecosystems where consent timing coordination becomes critical.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

54 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details