https://oracle.com
Scanned Apr 15, 2026 · 34.3s
Your website score is
Grade
BannerConsent Banner
Yes
Regulatory Compliance
Multi-regulation overview — click any regulation for details
Technical scan only. A passing score does not equal legal compliance. Consult qualified legal counsel for your jurisdiction.
Tag Leak detected 21 user data leaks before consent on oracle.com, including Akamai (Analytics Tracker), Tealium (Tracker Tracker), TrustARC (Tracker Tracker) and 3 more.
Security Headers
4/6 presentStrict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://my.oracle.com https://eeho.fa.us2.oraclecloud.com https://blogs.oracle.com *.khapps.com *.khapps.jp *.lsapps.oracle.com *.lsapps.oracle.jp *.dev-lsapps.oracle.com https://oraclesso.sharepoint.com https://oracle.sharepoint.com https://partners.oracle.com https://partners-stage.oracle.com https://partners-test.oracle.com https://partners-sit.oracle.com https://partners-dev.oracle.com
X-Frame-Options
sameorigin
X-Content-Type-Options
nosniff nosniff
Referrer-Policy
Set a Referrer-Policy header to control how much referrer information is shared
Permissions-Policy
Add a Permissions-Policy header to restrict browser features like camera, microphone, and geolocation
Google Consent Mode
V1Consent Parameters
Issues (3)
No default consent call detected — consent mode may not be initialised correctly
Google Consent Mode v1 detected — upgrade to v2 (requires ad_user_data and ad_personalization parameters)
No GTM container detected — consent mode works best with Google Tag Manager
Post-Rejection Audit
Reject Button
Found
Post-Rejection Fires
0 vendors
Consent Mode
Not Detected
GTM Load
Not detected
Consent Mode V2: Not Detected
Google Consent Mode was not detected on this site.
✓ gtag('consent', 'update') call detected on rejection
Consent Record Audit
Issues detectedConsent record stored after interaction
GDPR Art. 7(1)No consent record written — cannot prove consent was given
No CMP consent cookie or localStorage entry was found after the consent interaction. GDPR requires controllers to demonstrate consent was given.
Consent withdrawal mechanism accessible
GDPR Art. 7(3)Cookie settings link / floating button found
Why this matters
Under GDPR Article 7, controllers must be able to demonstrate that consent was given (Art. 7(1)) and ensure users can withdraw consent at any time, as easily as giving it (Art. 7(3)). Sites with no consent record or no withdrawal mechanism cannot legally rely on consent as a lawful basis.
Tracker categories detected
Critical11
Akamai (Analytics Tracker)3 findingss.go-mpulse.net, c.go-mpulse.net, 684dd32c.akstat.io
s.go-mpulse.net, c.go-mpulse.net, 684dd32c.akstat.io
Akamai (analytics) loaded before consent
Akamai (analytics) loaded before consent
Akamai (analytics) loaded before consent
Tealium (tracker) loaded before consent
TrustARC (tracker) loaded before consent
Adobe (tracker) loaded before consent
Adobe Analytics2 findingsoracle.sc.omtrdc.net, AMCV_93263704532955710A490D44%40AdobeOrg
oracle.sc.omtrdc.net, AMCV_93263704532955710A490D44%40AdobeOrg
Adobe Analytics (Adobe) loaded before consent: Adobe Analytics tracking endpoint
Adobe Analytics cookie "AMCV_93263704532955710A490D44%40AdobeOrg" set before consent
Adobe Audience Manager2 findingsdemdex, AMCVS_93263704532955710A490D44%40AdobeOrg
demdex, AMCVS_93263704532955710A490D44%40AdobeOrg
Adobe Audience Manager cookie "demdex" set before consent — Unique value with which Audience Manager can identify a user. Used, among others, for identification, segmentation, modeling and reporting purposes.
Adobe Audience Manager cookie "AMCVS_93263704532955710A490D44%40AdobeOrg" set before consent — The AMCVS cookie serves as a flag indicating that the session has been initialized. Its value is always 1 and discontinues when the session has ended.
No recognizable consent cookie or storage entry detected after interaction — GDPR Article 7(1) requires controllers to demonstrate consent was given (server-side storage cannot be verified)
Warnings11
Unknown was clicked but no consent storage was written — tags may continue firing as if consent was never given
Unknown third-party request to trial-eum-clientnsv4-s.akamaihd.net before consent
Unknown third-party request to trial-eum-clienttons-s.akamaihd.net before consent
Unknown third-party request to 209-38-97-45_s-96-16-53-145_ts-1776281417-clienttons-s.akamaihd.net before consent
Unknown third-party request to 2etgclk7mvfnq2o745eq-pa8rrm-3ae2d3934-clientnsv4-s.akamaihd.net before consent
sessionStorage key "wsicons" written before consent
localStorage key "_boomr_clss" written before consent
sessionStorage key "alternateLinks" written before consent
localStorage key "_boomr_akamaiXhrRetry" written before consent
sessionStorage key "dummy" written before consent
sessionStorage key "ak_bm_tab_id" written before consent
Info5
Akamai cookie "AKA_A2" set before consent — Used for Akamai's Advanced Acceleration feature, intended to improve web performance
Tripadvisor cookie "RT" set before consent — This cookie is used to identify the visitor through an application. This allows the visitor to login to a website through their LinkedIn application for example.
localStorage availability probe (null) wrote "__storage_test__" to localStorage before consent
Akamai bot management session — necessary for site protection
Akamai bot management — necessary for site protection
Compliant3
Adobe Analytics3 findingss_tp, s_ppv, s_cc
s_tp, s_ppv, s_cc
Adobe Analytics cookie "s_tp" set correctly after consent
Adobe Analytics cookie "s_ppv" set correctly after consent
Adobe Analytics cookie "s_cc" set correctly after consent
Is this your site?
Run a full multi-page scan with monitoring and get detailed remediation steps
Scan oracle.com →This audit is based on publicly observable website behavior. To request removal from the index, email support@tagleak.com