ga4audits

GDPR check

Pre-consent cookie scanner

Enter the full page URL you want to scan. We'll load it in a real browser and analyze it live.

Browser session capture

The tool opens the page in a headless Chromium session and records the cookies, requests, tags, and dataLayer activity visible during that run.

Scoped rule set

Each tool applies a narrow ruleset to the captured session. It is useful for implementation QA, not a full-site crawl or legal determination.

Point-in-time report

Results show what was observed in that session, with severity labels and evidence. Re-run after changes or if your site varies by region or user state.

What we check

Pre-consent cookies

Detects every cookie set before a user interacts with your consent banner.

Cookie classification

Sorts each cookie as necessary, analytics, or marketing based on known databases.

CMP detection

Checks whether a consent management platform (OneTrust, Cookiebot, etc.) is installed.

GDPR compliance

Flags violations where non-essential cookies fire without explicit user consent.

How to read results

Your score is 0-100 based on the ratio of compliant vs. non-compliant cookies.

Critical = GDPR violation risk. Non-essential cookies firing before consent.Warning = Review needed. Unclassified or borderline cookies detected.Pass = Compliant. Only necessary cookies before consent.

Common issues we find

_ga / _gid cookies set before consent

Google Analytics cookies firing on page load, before the user clicks "Accept." Fix: configure GA4 to wait for consent mode update.

Marketing pixels dropping cookies pre-banner

Meta Pixel or TikTok setting tracking cookies before the consent banner even loads. Fix: load pixels conditionally via GTM consent triggers.

No CMP installed at all

Site has analytics and marketing tags but no consent management platform. Fix: install a CMP like Cookiebot, OneTrust, or CookieYes.