https://bayer.com
Scanned Apr 15, 2026 · 33.5s
Your website score is
Grade
BannerConsent Banner
Yes
Regulatory Compliance
Multi-regulation overview — click any regulation for details
Technical scan only. A passing score does not equal legal compliance. Consult qualified legal counsel for your jurisdiction.
Tag Leak detected 4 user data leaks before consent on bayer.com, including Akamai (Analytics Tracker).
Security Headers
5/6 presentStrict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' addtocalendar.com cdn.datatables.net cdn.jsdelivr.net cdnjs.cloudflare.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://identitynet.bayer.com https://maps.googleapis.com https://polyfill.io https://rebilly.github.io https://unpkg.com https://video-streaming.bayer.com https://www.google.com unpkg.com www.gstatic.com cdn.cookielaw.org analytics.silktide.com www.googletagmanager.com js-agent.newrelic.com www.google-analytics.com snap.licdn.com *.hotjar.com www.youtube.com connect.facebook.net js.adsrvr.org ga-internaltraffic.weba.bbs.cnb s.go-mpulse.net embed.content-sync.io embed.cms-content-sync.io https://player.vimeo.com https://googleads.g.doubleclick.net blob: f.vimeocdn.com www.gstatic.com https://www.googleadservices.com alttext.ai plugin.handtalk.me; object-src none; report-uri /report-csp-violation
X-Frame-Options
ALLOW-FROM *.bayer.com
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Permissions-Policy
Add a Permissions-Policy header to restrict browser features like camera, microphone, and geolocation
Google Consent Mode
V2Consent Parameters
Issues (2)
No default consent call detected — consent mode may not be initialised correctly
No GTM container detected — consent mode works best with Google Tag Manager
Post-Rejection Audit
Reject Button
Found
Post-Rejection Fires
0 vendors
Consent Mode
Not Detected
GTM Load
Not detected
Consent Mode V2: Not Detected
Google Consent Mode was not detected on this site.
✓ gtag('consent', 'update') call detected on rejection
Consent Record Audit
PassConsent record stored after interaction
GDPR Art. 7(1)Found: OptanonConsent (OneTrust)
Record contains timestamp
Art. 7(1)Timestamp field detected
Record contains consent state
Art. 7(1)Accept/reject state detected
Record contains consent categories
Art. 7(1)Consent categories (analytics, marketing, etc.) not found in record
Consent withdrawal mechanism accessible
GDPR Art. 7(3)Cookie settings link / floating button found
Tracker categories detected
Critical3
Akamai (Analytics Tracker)3 findingss.go-mpulse.net, c.go-mpulse.net, 684dd32f.akstat.io
s.go-mpulse.net, c.go-mpulse.net, 684dd32f.akstat.io
Akamai (analytics) loaded before consent
Akamai (analytics) loaded before consent
Akamai (analytics) loaded before consent
Warnings1
localStorage key "_boomr_clss" written before consent
Info4
OneTrust2 findingscdn.cookielaw.org, OptanonConsent
cdn.cookielaw.org, OptanonConsent
OneTrust (OneTrust) loaded before consent: OneTrust cookie consent management
OneTrust cookie "OptanonConsent" set before consent
Cloudflare (cdn) loaded before consent
OneTrust CMP (OneTrust) loaded before consent: OneTrust geo-lookup — determines which consent banner to show based on user location
Compliant2
OneTrust cookie "OptanonAlertBoxClosed" set correctly after consent
Tripadvisor cookie "RT" set correctly after consent
Is this your site?
Run a full multi-page scan with monitoring and get detailed remediation steps
Scan bayer.com →This audit is based on publicly observable website behavior. To request removal from the index, email support@tagleak.com