How This Briefing Works
This report opens with key findings, then maps the gaps between what Adventive discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.
Key Findings
Key Findings
28 detections across 27 sites14% pre-consent activity
MEDIUM
Pre-Consent Activity
Adventive was observed loading and executing before user consent was obtained on 14% of sites where it was detected.
GDPRePrivacy
HIGH
Pending Analysis
6 BTI behavioral codes detected across 28 instances on 27 sites. Full claims extraction required for gap analysis.
Disclosure Gaps
Claims vs. Observed Behavior
1 gaps
1 HIGH
Pending Analysis
HIGH
They Claim
“Claims analysis pending”
Observed Behavior
6 BTI behavioral codes detected across 28 instances on 27 sites. Full claims extraction required for gap analysis.
Customer Impact
What This Means For You
If you deploy Adventive for ad serving, 46 scripts execute on your visitors' browsers from a single domain. This means your Content Security Policy cannot granularly control which Adventive capabilities load — it is all or nothing. The behavioral biometrics and session recording capabilities mean your visitors' keystroke patterns, mouse movements, and complete browsing sessions are captured by what appears to be an ad server. Your privacy policy almost certainly describes Adventive as an advertising partner, not a behavioral surveillance system with identity resolution. You are the data controller for all of this undisclosed processing.
Recommended Actions
What To Do About It
Role-specific actions based on observed behavior
If You Use Adventive
- →Audit exactly which of the 46 Adventive scripts load on your pages and what each one does — document any that exceed ad serving functionality
- →Verify your CMP correctly manages Adventive consent given the single-domain, multi-script architecture
- →Update your privacy policy to disclose behavioral biometrics and session recording if you continue using Adventive
- →Implement subresource integrity (SRI) checks on Adventive scripts to detect unauthorized code changes
If You're Evaluating Adventive
- →Request Adventive's technical documentation explaining why 46 scripts are necessary for ad serving
- →Assess alternative ad servers with transparent, minimal client-side footprints
- →Conduct a DPIA for Adventive's behavioral biometrics (C06) and session recording (C07) capabilities
- →Evaluate whether Adventive's ad serving performance justifies the regulatory risk of 6 BTI behavioral codes and 46 client-side scripts
Negotiation Leverage
- →46 scripts from a single domain is the highest script count in the VRS 90 tier — demand a complete technical manifest explaining what each script does and what data it collects
- →Behavioral biometrics (C06) and session recording (C07) in an ad server is anomalous — these capabilities have no legitimate ad serving purpose. Demand explanation or contractual prohibition
- →Identity resolution (C14) combined with ad serving means visitor identities flow into advertising ecosystems — require data isolation guarantees and audit rights
- →Single-domain architecture makes granular script blocking impossible — demand a modular deployment option that separates ad serving from behavioral data collection
- →6 BTI behavioral codes for a vendor marketed as an ad server represents a significant disclosure gap — use this as leverage for favorable data processing terms
Runtime Detections
Runtime Detections
6 BTI-C CODES
BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.
BTI-C01Defeat Device
Evasion infrastructure, auditor bypass
Impact: Evasion infrastructure in a 46-script deployment means Adventive can selectively alter behavior during compliance testing, making it impossible to verify the full scope of data collection through standard audit procedures.
BTI-C06Behavioral Biometrics
Keystroke/mouse tracking
Impact: Keystroke and mouse movement tracking from an ad serving platform is anomalous — ad servers do not need behavioral biometrics to deliver advertisements. This indicates data collection capabilities that extend far beyond the stated purpose of ad serving.
BTI-C07Session Recording
Full session replay
Impact: Session replay from an ad server means your visitors' complete browsing sessions are captured and transmitted under the guise of advertisement delivery. This undisclosed recording creates data processing obligations most sites have not accounted for.
BTI-C09Consent Bypass
Ignoring CMP signals
Impact: Consent bypass at 14% of deployments means Adventive fires before consent authorization on approximately 1 in 7 sites. With 46 scripts per deployment, each pre-consent load creates dozens of simultaneous unauthorized data collection events.
BTI-C10Fingerprinting
Device identification
Impact: Device fingerprinting from an ad server creates persistent visitor identification that operates independently of cookie consent, undermining privacy controls and creating tracking that visitors cannot effectively manage.
BTI-C14Identity Resolution
PII deanonymization
Impact: PII deanonymization means Adventive can resolve anonymous visitors to real identities. Combined with behavioral biometrics and session recording, this creates detailed identified behavioral profiles from what appears to be simple ad delivery.
IOC Manifest
IOC Manifest
197 INDICATORS
Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.
TRACK
*adventive.com/wp-includes/js/jquery/jquery.js*
Tracking script
TRACK
*adventive.com/wp-includes/js/jquery/jquery-migrate.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/fastdom/fastdom.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/bootstrap/js/bootstrap.js*
Tracking script
TRACK
*adventive.com/wp-includes/js/imagesloaded.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/jquery-ui/jquery-ui.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/gsap/utils/CustomEase.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/js/draw-shape/liquidDrawShape.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/gsap/minified/gsap.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/gsap/minified/DrawSVGPlugin.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/lity/lity.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/fresco/js/fresco.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/js/animated-blob/liquidAnimatedBlob.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/gsap/minified/ScrollTrigger.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/fontfaceobserver.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/intersection-observer.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/tinycolor-min.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor-pro/assets/lib/lottie/lottie.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/gsap/utils/SplitText.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/jet-engine/assets/lib/slick/slick.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/vendors/t-js/t.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/jet-engine/assets/lib/jet-plugins/jet-plugins.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.js*
Tracking script
TRACK
*adventive.com/wp-includes/js/dist/hooks.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor/assets/js/webpack.runtime.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/jet-engine/assets/js/frontend.js*
Tracking script
TRACK
*adventive.com/wp-content/themes/hub/assets/js/theme.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor-pro/assets/js/frontend.js*
Tracking script
TRACK
*adventive.com/wp-includes/js/dist/i18n.js*
Tracking script
TRACK
*adventive.com/wp-includes/js/jquery/ui/core.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor/assets/js/frontend.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor/assets/js/frontend-modules.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/jet-elements/assets/js/jet-elements.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor/assets/js/lightbox.*.bundle.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor-pro/assets/js/load-more.*.bundle.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor-pro/assets/js/posts.*.bundle.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.*.bundle.js*
Tracking script
TRACK
*adventive.com/wp-content/plugins/elementor/assets/js/video.*.bundle.js*
Tracking script
TRACK
adventive.com/wp-includes/js/jquery/jquery.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-includes/js/jquery/jquery-migrate.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/fastdom/fastdom.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/bootstrap/js/bootstrap.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-includes/js/imagesloaded.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/jquery-ui/jquery-ui.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/fresco/js/fresco.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/lity/lity.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/gsap/minified/gsap.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/gsap/utils/CustomEase.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/gsap/minified/DrawSVGPlugin.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/gsap/minified/ScrollTrigger.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/js/draw-shape/liquidDrawShape.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/js/animated-blob/liquidAnimatedBlob.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/fontfaceobserver.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/intersection-observer.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/tinycolor-min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/gsap/utils/SplitText.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/js/theme.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor-pro/assets/lib/lottie/lottie.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/jet-engine/assets/lib/slick/slick.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/jet-engine/assets/lib/jet-plugins/jet-plugins.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/jet-engine/assets/js/frontend.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/themes/hub/assets/vendors/t-js/t.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-includes/js/dist/hooks.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-includes/js/dist/i18n.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-includes/js/jquery/ui/core.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor/assets/js/frontend.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor/assets/js/lightbox.db6cea8ed8ffdf265764.bundle.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor-pro/assets/js/load-more.c9f6aac03af905f4e206.bundle.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor-pro/assets/js/posts.e33113a212454e383747.bundle.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js
Auto-extracted from scan
TRACK
adventive.com/wp-content/plugins/elementor/assets/js/video.d86bfd0676264945e968.bundle.min.js
Auto-extracted from scan
Ecosystem
Ecosystem & Supply Chain
Adventive operates in the ad serving and creative management space, providing ad delivery infrastructure for publishers and advertisers. The platform's single-domain architecture with 46 scripts suggests a monolithic deployment model where all capabilities — ad serving, tracking, biometrics, identity — are bundled into one integration. Adventive connects to broader programmatic advertising ecosystems through standard ad exchange protocols. The behavioral biometrics and identity resolution capabilities suggest data partnerships or internal intelligence products that extend beyond core ad serving.
Evidence
Evidence Artifacts
Artifacts collected during analysis, available with evidence-tier access.
HAR Capture
Complete network capture with all requests and responses
IOC Manifest
204 detection signatures across scripts, domains, cookies, and network endpoints