FewCookies

Guide · Updated: July 9, 2026

How do you check that Google Consent Mode v2 is correctly configured on your site?

Open your site in an incognito window with DevTools on the Network tab and look for the gcs and gcd parameters on requests to Google domains: before any click the state must be "denied", and after accepting a new request must appear with the updated state. If you would rather not read network requests, the free FewCookies scan automatically checks the default state, the default → update order and which trackers fire before consent.

Open your site in an incognito window with DevTools on the Network tab and look for the gcs and gcd parameters on requests to Google domains: before any click the state must be "denied", and after accepting a new request must appear with the updated state. If you would rather not read network requests, the free FewCookies scan automatically checks the default state, the default → update order and which trackers fire before consent.

What does a correct setup look like?

A correct Consent Mode v2 implementation satisfies three conditions, each verifiable on its own:

ConditionHow it shows
The default state exists and is "denied"The gtag('consent', 'default', …) command runs before any Google tag
All four signals are declaredad_storage, analytics_storage, ad_user_data, ad_personalization — not just the first two (v1)
The update follows the decisionAfter clicking "Accept"/"Reject", a gtag('consent', 'update', …) goes out with the real states

The most common defect in the wild: the banner only sends the update, without the default state — or the reverse, it declares a "granted" default, which defeats the whole point of the mechanism.

How do you check manually, with DevTools?

  1. A clean window. Open the site in an incognito window (no old cookies), with DevTools → Network open beforehand.
  2. Look for "gcs" before any click. Filter requests to google-analytics.com, googletagmanager.com or googleadservices.com and inspect the gcs and gcd parameters: on first load, the values must reflect "denied" (e.g. gcs=G100).
  3. Accept and compare. Press "Accept" in the banner and watch the new request: the parameter must switch to "granted" (e.g. gcs=G111) without a page reload.
  4. Check the refusal too. Repeat in a fresh window with "Reject": no _ga/_gcl cookies must appear after refusing.

Alternatively, the Google Tag Assistant extension shows the same consent states in a friendlier interface, tag by tag.

How do you check automatically?

A manual check captures today's state; the problem is that any deploy can break it tomorrow. The free FewCookies scan loads your site in a real browser, with no interaction, and reports exactly what matters here: which cookies and trackers fire before consent, whether the banner exists, and whether the consent signals are sent in the correct order.

If the scan finds trackers firing before consent, the pillar guide Google Consent Mode v2 for Romania explains step by step what a correct implementation looks like and what it legally entails.

Frequently asked questions

What does the gcs parameter in Google requests mean?

It is the encoded consent state the tag reports to Google: G100 means ad_storage and analytics_storage denied, G111 means both granted. Together with the gcd parameter (which covers the v2 signals), it shows exactly what your banner transmitted.

My banner shows options — is that enough?

Not necessarily. A banner can show options and still let trackers fire before the choice, or never send the Consent Mode signals at all. What goes out on the network matters, not what shows on screen — which is why you verify in the Network tab or with a scan.

How often should I repeat the check?

After every relevant change: adding a new tag, switching themes or platforms, or updating the banner. Any deploy can reorder the scripts in <head> and break the default → update order with no visible sign.

Want to see which cookies and trackers fire on your site before consent? The scan is free and needs no account. Check your site for free →