All Vendors
dsp

Virtualminds

Virtualminds operates demand-side platform infrastructure while deploying defeat devices, behavioral biometrics, session recording, consent bypass, and fingerprinting across advertising campaigns. The platform positions itself as programmatic advertising solution while enabling visitor surveillance that extends beyond standard ad delivery functionality.

191 IOCs24 detections4% pre-consent24 sites
80
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Virtualminds discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

24 detections across 24 sites4% pre-consent activity
MEDIUM

Pre-Consent Activity

Virtualminds was observed loading and executing before user consent was obtained on 4% of sites where it was detected.

GDPRePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

pending

UNKNOWN
They Claim

Requires claims extraction via CDT

Observed Behavior

Defeat device, behavioral biometrics, session recording, consent bypass, and fingerprinting detected in runtime

Customer Impact

What This Means For You

Marketing teams lose attribution clarity when programmatic advertising distorts conversion tracking. Analytics teams face measurement corruption from DSP behavioral layering. Legal teams inherit maximum liability exposure when advertising platform deploys consent bypass. Revenue operations teams subsidize competitor intelligence through shared programmatic infrastructure.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Virtualminds

  • Audit defeat device deployment within programmatic advertising infrastructure
  • Review session recording scope in campaign delivery workflows
  • Verify fingerprinting boundaries for advertising continuity mechanisms
  • Require consent collection before Virtualminds tracking initialization

If You're Evaluating Virtualminds

  • DSP solutions without embedded visitor surveillance beyond ad delivery
  • Privacy-respecting programmatic platforms limiting tracking scope
  • Contextual advertising eliminating behavioral targeting and cross-customer intelligence leakage

Negotiation Leverage

  • Challenge defeat device mechanisms within advertising infrastructure
  • Require disclosure of all surveillance capabilities beyond campaign delivery
  • Demand opt-out from cross-customer campaign monitoring analysis
  • Request data processing agreement amendments addressing visitor tracking through DSP platform
  • Negotiate liability protection for consent violations by programmatic advertising infrastructure
Runtime Detections

Runtime Detections

5 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C01Defeat Device

Evasion infrastructure, auditor bypass

Impact: Detection evasion mechanisms obscure tracking deployment within programmatic advertising infrastructure.

BTI-C06Behavioral Biometrics

Keystroke/mouse tracking

Impact: Interaction patterns with advertising captured to enhance audience profiles and retargeting accuracy.

BTI-C07Session Recording

Full session replay

Impact: Website sessions captured to contextualize advertising engagement and optimize campaign delivery.

BTI-C09Consent Bypass

Ignoring CMP signals

Impact: Tracking mechanisms active through advertising infrastructure before visitor consent collection completes.

BTI-C10Fingerprinting

Device identification

Impact: Browser and device characteristics harvested for advertising continuity across campaigns and publishers.

IOC Manifest

IOC Manifest

189 INDICATORS

Indicators of compromise across 3 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*virtualminds.com/wp-includes/js/jquery/jquery.js*
Tracking script
TRACK
*virtualminds.com/wp-includes/js/jquery/jquery-migrate.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/app.js*
Tracking script
TRACK
*virtualminds.com/wp-content/themes/hello-theme-child-master/animations/home.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/captcha-for-contact-form-7/core/assets/f12-cf7-captcha-cf7.js*
Tracking script
TRACK
*virtualminds.com/wp-includes/js/dist/i18n.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/js/frontend-modules.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js*
Tracking script
TRACK
*virtualminds.com/wp-includes/js/dist/hooks.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/js/webpack.runtime.js*
Tracking script
TRACK
*virtualminds.com/wp-includes/js/jquery/ui/core.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor-pro/assets/js/frontend.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/contact-form-7/includes/js/index.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/js/frontend.js*
Tracking script
TRACK
*virtualminds.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.js*
Tracking script
TRACK
*virtualminds.com/wp-content/themes/hello-theme-child-master/js/lib/isotope.pkgd.js*
Tracking script
TRACK
*virtualminds.com/wp-includes/js/imagesloaded.js*
Tracking script
TRACK
*virtualminds.com/wp-content/themes/hello-theme-child-master/js/lib/fancybox.umd.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/lib/swiper/v8/swiper.js*
Tracking script
TRACK
*virtualminds.com/wp-content/themes/hello-theme-child-master/animations/gsap.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/js/section-frontend-handlers.*.bundle.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/js/counter.*.bundle.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/js/shared-frontend-handlers.*.bundle.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/js/text-editor.*.bundle.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor/assets/js/image-carousel.*.bundle.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor-pro/assets/js/loop-carousel.*.bundle.js*
Tracking script
TRACK
*virtualminds.com/wp-content/plugins/elementor-pro/assets/js/loop.*.bundle.js*
Tracking script
TRACK
*virtualminds.com/wp-includes/js/wp-emoji-release.js*
Tracking script
TRACK
virtualminds.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-includes/js/jquery/jquery.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-includes/js/jquery/jquery-migrate.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/app.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/themes/hello-theme-child-master/animations/home.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/captcha-for-contact-form-7/core/assets/f12-cf7-captcha-cf7.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-includes/js/dist/hooks.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-includes/js/dist/i18n.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/contact-form-7/includes/js/index.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-includes/js/jquery/ui/core.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/js/frontend.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/lib/swiper/v8/swiper.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-includes/js/imagesloaded.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/themes/hello-theme-child-master/js/lib/isotope.pkgd.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/themes/hello-theme-child-master/js/lib/fancybox.umd.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/themes/hello-theme-child-master/animations/gsap.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/js/section-frontend-handlers.d85ab872da118940910d.bundle.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/js/shared-frontend-handlers.03caa53373b56d3bab67.bundle.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/js/text-editor.45609661e409413f1cef.bundle.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/js/counter.12335f45aaa79d244f24.bundle.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor/assets/js/image-carousel.6167d20b95b33386757b.bundle.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor-pro/assets/js/loop.89cc81d2188312a17a17.bundle.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-content/plugins/elementor-pro/assets/js/loop-carousel.cd9a95b2e4dd2a239b81.bundle.min.js
Auto-extracted from scan
TRACK
virtualminds.com/wp-includes/js/wp-emoji-release.min.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Virtualminds integrates with advertising exchanges and publisher networks, creates measurement interference through programmatic advertising layer, and establishes cross-customer monitoring channels observing campaign strategies across shared customer base.
Loads (1)
Piwik Pro
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

191 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details