How This Briefing Works
This report opens with key findings, then maps the gaps between what IDVisitors discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.
Key Findings
Key Findings
72 detections across 49 sites60% pre-consent activity
CRITICAL
Pre-Consent Activity
IDVisitors was observed loading and executing before user consent was obtained on 60% of sites where it was detected.
GDPRePrivacy
Disclosure Gaps
Claims vs. Observed Behavior
1 gaps
consent
CRITICAL
They Claim
“Unknown - requires claims extraction via CDT”
Observed Behavior
Deploys identity resolution + pre-consent tracking for visitor deanonymization
Customer Impact
What This Means For You
Sales teams gain visitor intelligence but inherit identity resolution liability without consent. Marketing teams face GDPR dual violation: consent bypass PLUS unlawful processing of personal data (names, companies). Compliance teams must defend visitor deanonymization to privacy regulators without documented legitimate interest.
Recommended Actions
What To Do About It
Role-specific actions based on observed behavior
If You Use IDVisitors
- →Disable IDVisitors tracking immediately - visitor identification without consent is indefensible
- →Request deletion of all historical visitor identification data
- →Audit current data: assess whether sensitive personal data (names, emails, companies) was processed
If You're Evaluating IDVisitors
- →Reject any deanon vendor with pre-consent deployment
- →Require consent-first architecture or contractual liability assumption: vendor pays 100% of GDPR penalties
- →Migrate to privacy-safe alternatives: consented lead capture (forms), account-based advertising (no visitor tracking), or firmographic enrichment from consented sources
Negotiation Leverage
- →IDVisitors combines consent bypass with identity resolution, creating GDPR Article 6 + Article 7 dual liability
- →Visitor identification processes personal data (names, companies) without consent, transparent disclosure, or legitimate interest documentation
- →Vendor must eliminate pre-consent tracking AND obtain explicit consent for identity resolution, or assume 100% regulatory penalty liability
- →Deanonymization works with consent-first architecture - pre-consent deployment is vendor choice that transfers liability to customer
Runtime Detections
Runtime Detections
6 BTI-C CODES
BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.
BTI-C01Defeat Device
Evasion infrastructure, auditor bypass
BTI-C06Behavioral Biometrics
Keystroke/mouse tracking
BTI-C09Consent Bypass
Ignoring CMP signals
Impact: Identity resolution tracking loads before consent opportunity, creating per-visitor GDPR Article 7 violation. Combined with personal data processing (names, companies, contact info), elevates to Article 6 unlawful processing liability.
BTI-C10Fingerprinting
Device identification
BTI-C14Identity Resolution
PII deanonymization
Impact: Device fingerprinting and cross-site tracking resolve anonymous visitors to named individuals/companies. Creates personal data processing without consent, transparent disclosure, or legitimate interest assessment required by GDPR Article 6.
BTI-C15Tag Manager
Container/loader (neutral)
IOC Manifest
IOC Manifest
134 INDICATORS
Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.
TRACK
*www.id-visitors.com/assets/index-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/webfontloader-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/blank-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/login-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/loadar-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/axios-general-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/AppTextField.vue_vue_type_script_setup_true_lang-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/vee-validate.esm-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/index.esm-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VInput-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/transition-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VTextField-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/easing-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VCounter-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/SetupPasswordModal.vue_vue_type_script_setup_true_lang-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/user-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/forwardRefs-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/validators-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/createSimpleFunctional-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VCard-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VAvatar-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VForm-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VImg-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VDialog-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/lazy-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VOverlay-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/dialog-transition-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/constant-string-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VRow-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VCheckbox-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VCheckboxBtn-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/VSelectionControl-*.js*
Tracking script
TRACK
*www.id-visitors.com/assets/route-block-*.js*
Tracking script
EXFIL
*reporting.id-visitors.com/api/reports/resources/js/telerikReportViewer*
Data collection endpoint
EXFIL
fe.sitedataprocessing.com
Data collection endpoint
TRACK
a.usbrowserspeed.com
Tracking script
TRACK
www.id-visitors.com/assets/index-0bb6ccbf.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/webfontloader-efa5a316.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/blank-61c44144.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/login-2a8bbb9b.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/loadar-5a80fdfd.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/vee-validate.esm-9cb0e734.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/index.esm-430aecfb.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/axios-general-1f1c2f6a.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/AppTextField.vue_vue_type_script_setup_true_lang-608398bc.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VInput-f7f948a4.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/transition-af3c11b4.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VTextField-95c05710.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VCounter-751b0a84.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/easing-9f15041e.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/index-6e789d3d.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/forwardRefs-a29b5f65.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/user-3c339f38.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/SetupPasswordModal.vue_vue_type_script_setup_true_lang-8ead1c69.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/validators-4fab0c87.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VCard-28ba1fe5.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/createSimpleFunctional-663556dd.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VAvatar-cfc71354.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VImg-395ee04f.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VForm-c46dad34.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VDialog-14afd3e4.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VOverlay-7a1a220d.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/lazy-9249fa02.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/dialog-transition-b28c739b.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/constant-string-24984c09.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VRow-5053b9d9.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VCheckbox-a6384268.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VCheckboxBtn-afb9f107.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/VSelectionControl-ac4ad043.js
Auto-extracted from scan
TRACK
www.id-visitors.com/assets/route-block-83d24a4e.js
Auto-extracted from scan
EXFIL
reporting.id-visitors.com/api/reports/resources/js/telerikReportViewer
Auto-extracted from scan
Ecosystem
Ecosystem & Supply Chain
IDVisitors operates in visitor identification/deanonymization space alongside 6sense, Clearbit, Demandbase, and Leadfeeder. Standard pre-consent deployment for deanon vendors (requires early tracking for identity resolution). Higher risk than analytics-only tools due to personal data processing.
Evidence
Evidence Artifacts
Artifacts collected during analysis, available with evidence-tier access.
HAR Capture
Complete network capture with all requests and responses
IOC Manifest
138 detection signatures across scripts, domains, cookies, and network endpoints