All Vendors
deanon

OpenSend

Claims "100% legally compliant" while running 25+ trackers without consent, CNAME-cloaking a first-party subdomain to undisclosed Hyros ad attribution, and operating a covert cross-domain PII transport channel that injects visitor names and emails into URLs via window.name before destroying the evidence.

343 IOCs100% pre-consent
90
Vendor Risk Score
Intelligence Briefing

Full OpenSend Threat Intelligence Report

Everything BLACKOUT observed, analyzed, and documented — key findings, disclosure gaps, customer impact, negotiation leverage, runtime detections, IOC manifest, and role-specific action plans.

Security
  • Full BTI threat code breakdown with severity ratings
  • Network patterns, beacon endpoints, and IOC manifest
  • Supply chain dependencies and attack surface mapping
Legal
  • Regulation-specific violation mapping (GDPR, CCPA, ePrivacy)
  • Side-by-side claim vs observed behavior with evidence
  • Documented violations for contract renegotiation
Privacy
  • Pre-consent data collection evidence with timestamps
  • Cookie and storage key inventory with purposes
  • Undisclosed subprocessors and data recipients
Procurement
  • Evidence-backed talking points for vendor meetings
  • Contractual obligation gaps you can act on
  • Role-specific action plans for existing users and evaluators
GET INTELLIGENCE BRIEFING
Not sure what you're getting? See a sample report
Vendor Details