18 technologies5 categories
oreo.com is built on Contentful with Google Tag Manager and Google Analytics. It ranks #71,233 globally.
The frontend relies on Tailwind CSS. Analytics are handled by Google Tag Manager and Google Analytics. Infrastructure includes Cloudflare and Amazon S3.
Tech Stack Highlights
Core Platform2
Shopify
Ecommerce
100%
4 evidence signals
Header
Shopify: Shopify, OxygenCookie
_shopify_sCookie
_shopify_yJS Global
Shopify โ objectContentful
CMS
75%
1 evidence signal
HTML
<meta property="og:image:url" content="https://images.ctfassets.netFrameworks & Languages4
Tailwind CSS
UI frameworks
75%
1 evidence signal
css
--tw-React Router
JavaScript frameworks
75%
1 evidence signal
JS Global
__reactRouterVersion โ stringRemixvd9b43cbe
Web frameworks
75%
2 evidence signals
JS Global
__remixContext โ objectJS Global
__remixManifest โ object(vd9b43cbe)React
JavaScript frameworks
50%
1 evidence signal
HTML
implied by React RouterAnalytics & Marketing3
Google Tag Manager
Tag managers
100%
3 evidence signals
HTML
googletagmanager.com/gtm.jsJS Global
google_tag_manager โ objectJS Global
dataLayer โ objectGoogle Analytics
Analytics
100%
2 evidence signals
Script
https://www.googletagmanager.com/gtag/js?id=G-KZDJFKC4ZY&cx=c>m=4e62i1JS Global
gtag โ functionK
Klaviyo
Marketing automation
100%
1 evidence signal
dns
DKIM selector: klInfrastructure & Security6
Cloudflare
CDN
75%
2 evidence signals
Header
9d16c2b1e8414900-SJCHeader
cloudflare: cloudflareOneTrust
Cookie compliance
75%
3 evidence signals
Script
https://cdn.cookielaw.org/scripttemplates/otSDKStub.jsScript
https://cdn.cookielaw.org/scripttemplates/otSDKStub.jsScript
https://cdn.cookielaw.org/scripttemplates/otSDKStub.jsreCAPTCHA
Security
75%
1 evidence signal
Script
https://www.google.com/recaptcha/enterprise.js?render=6Le2TVorAAAAAPdwU7Y7PlC6PHzChQv3eIIzbH7rHSTS
Security
75%
1 evidence signal
Header
max-age=31536000
Amazon S3
CDN
75%
1 evidence signal
Header
s3[^ ]*amazonaws\.com: base-uri 'self'; default-src 'self' 'nonce-c79a2ec87e507e52e9b89964dae3b502' https://cdn.shopify.com https://shopify.com; frame-ancestors 'self' app.contentful.com *.googletagmanager.com oreo.com *.oreo.com; style-src privacyportalde-cdn.onetrust.com mondelez.review.eprize.com hello.myfonts.net http://c.lytics.io *.doogma.com s3-us-west-2.amazonaws.com *.click2cart.com click2cart.co *.click2cart.co maxcdn.bootstrapcdn.com *.audioeye.com *.lytics.io *.bazaarvoice.com display.ugc.bazaarvoice.com *.googletagmanager.com googletagmanager.com tagmanager.google.com fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.shopify.com; connect-src 'self' graphql.contentful.com *.prod.uidapi.com prod.uidapi.com insight.adsrvr.org ct.pinterest.com cdn.growthbook.io s.amazon-adsystem.com c.amazon-adsystem.com ara.paa-reporting-advertising.amazon widget.euw1.chat.pega.digital wss://engine.euw1.chat.pega.digital pega-chat-attachments-euw1.s3.eu-west-1.amazonaws.com adservice.google.com googleads.g.doubleclick.net www.googleadservices.com www.google.com www.mczbf.com wss://tolerant-kiwi-magical.ngrok-free.app:* privacyportalde-cdn.onetrust.com wss://ws-mt1.pusher.com screenshots.bugherd.com/health sockjs.pusher.com *.bugherd.com sidebar.bugherd.com/binoculars tagging.oreo.com sessions.bugsnag.com *.bugsnag.com stats.g.doubleclick.net analytics.google.com nprd-gtm-d2c-1-server.mdlzapps.cloud privacyportal-de.onetrust.com cdn.acsbapp.com o19233.ingest.sentry.io analytics.tiktok.com analytics-ipv6.tiktokw.us analytics.pangle-ads.com geolocation.onetrust.com cdn.cookielaw.org *.google-analytics.com *.analytics.google.com *.shopify.com *.myshopify.com monorail-edge.shopifysvc.com s3-us-west-2.amazonaws.com *.click2cart.com click2cart.co *.click2cart.co shop.oreo.com sdk.iad-07.braze.com *.audioeye.com *.googlesyndication.com ad.doubleclick.net *.bazaarvoice.com stg.api.bazaarvoice.com www.facebook.com connect.facebook.net blob: *.googletagmanager.com *.mdlzapps.cloud 'self' https://monorail-edge.shopifysvc.com; form-action 'self' https://api.bazaarvoice.com https://www.facebook.com; object-src 'none'; img-src 'self' data: braze-images.com insight.adsrvr.org *.google.com cdnjs.cloudflare.com idsync.rlcdn.com www.mczbf.com tagging.oreo.com d.agkn.com stats.g.doubleclick.net analytics.google.com d2iiunr5ws5ch1.cloudfront.net c.lytics.io cm.g.doubleclick.net t.co ad.doubleclick.net googleads.g.doubleclick.net analytics.twitter.com cdn.cookielaw.org *.google-analytics.com blob: images.ctfassets.net videos.ctfassets.net cdn.shopify.com images-tastehub.mdlzapps.cloud click2cart.com *.bugherd.com *.mdlzapps.cloud widget.euw1.chat.pega.digital pega-chat-attachments-euw1.s3.eu-west-1.amazonaws.com *.googlesyndication.com www.google.com *.bazaarvoice.com www.facebook.com *.googletagmanager.com googletagmanager.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com; media-src 'self' data: images.ctfassets.net videos.ctfassets.net cdn.shopify.com images-tastehub.mdlzapps.cloud widget.euw1.chat.pega.digital pega-chat-attachments-euw1.s3.eu-west-1.amazonaws.com *.googlesyndication.com; script-src 'self' 'strict-dynamic' cdn.prod.uidapi.com privacyportalde-cdn.onetrust.com cdn.acsbapp.com pnzzmlvk.micpn.com acsbapp.com c.lytics.io analytics.tiktok.com acsbap.com cdn.cookielaw.org static.ads-twitter.com google.com *.google.com tagmanager.google.com blob: *.shopify.com 'unsafe-eval' s3-us-west-2.amazonaws.com *.click2cart.com 'unsafe-hashes' *.audioeye.com *.googletagmanager.com googletagmanager.com 'sha256-ldNO9pII0S0qZFNvWIu8QaeieCEU4Ebs/hKQcJiaav8=' 'sha256-JivjteQzOFNs0SxkyyivpTbXybbi3B4N57K3Pyny9og=' 'sha256-qVWbMXMqZjy+Le+NWOs0nMIk3zAS/IW8ZPIw850ZmuQ=' 'sha256-xWyeACf7ZOesFE8wK3sQrZWPcsC9gw1qe/uS2V0ERco=' 'sha256-7hiC1d6xCwoyVQpxYWf7gXI7sOo2WRNYvRY3v/RiCL4=' 'sha256-FktX8P26Qa8BEDjKcUTaYi31wGF8gz/5JH+aYBhxiYk=' *.bazaarvoice.com 'nonce-c79a2ec87e507e52e9b89964dae3b502'; font-src 'self' oreo.com assets.ctfassets.net privacyportalde-cdn.onetrust.com eprize-content.s3.amazonaws.com hello.myfonts.net/count/39ff8f www.oreo.com data: *.shopify.com maxcdn.bootstrapcdn.com fonts.gstatic.com; frame-src match.adsrvr.org insight.adsrvr.org ct.pinterest.com s.amazon-adsystem.com 'self' c.lytics.io *.google.com td.doubleclick.net *.doubleclick.net *.fls.doubleclick.net www.youtube.com www.youtube-nocookie.com *.bugherd.com *.audioeye.com *.webflow.io irxcm.com www.facebook.com *.facebook.com penpal-iframe-child-example.netlify.app http://localhost:5173 mdz-name-this-oreo-2024-stage-c6be302025e9.herokuapp.com mdz-name-this-oreo-2024-prod-f9b275aae9ff.herokuapp.com oreo.com *.oreo.com oreo-walks-2025-prod-4843db42174c.herokuapp.com oreo-walks-2024-stage-553b7390b50d.herokuapp.com *.bazaarvoice.com stg.api.bazaarvoice.com *.googletagmanager.com *.mdlzapps.cloud; worker-src 'self' blob:Amazon Web Services
PaaS
50%
1 evidence signal
HTML
implied by Amazon S3Libraries & Utilities3
HTTP/3
Miscellaneous
75%
1 evidence signal
Header
h3: h3=":443"; ma=86400Lenis
JavaScript libraries
75%
1 evidence signal
JS Global
lenisVersion โ stringMyFonts
Font scripts
75%
1 evidence signal
Header
\.myfonts\.net: base-uri 'self'; default-src 'self' 'nonce-c79a2ec87e507e52e9b89964dae3b502' https://cdn.shopify.com https://shopify.com; frame-ancestors 'self' app.contentful.com *.googletagmanager.com oreo.com *.oreo.com; style-src privacyportalde-cdn.onetrust.com mondelez.review.eprize.com hello.myfonts.net http://c.lytics.io *.doogma.com s3-us-west-2.amazonaws.com *.click2cart.com click2cart.co *.click2cart.co maxcdn.bootstrapcdn.com *.audioeye.com *.lytics.io *.bazaarvoice.com display.ugc.bazaarvoice.com *.googletagmanager.com googletagmanager.com tagmanager.google.com fonts.googleapis.com 'self' 'unsafe-inline' https://cdn.shopify.com; connect-src 'self' graphql.contentful.com *.prod.uidapi.com prod.uidapi.com insight.adsrvr.org ct.pinterest.com cdn.growthbook.io s.amazon-adsystem.com c.amazon-adsystem.com ara.paa-reporting-advertising.amazon widget.euw1.chat.pega.digital wss://engine.euw1.chat.pega.digital pega-chat-attachments-euw1.s3.eu-west-1.amazonaws.com adservice.google.com googleads.g.doubleclick.net www.googleadservices.com www.google.com www.mczbf.com wss://tolerant-kiwi-magical.ngrok-free.app:* privacyportalde-cdn.onetrust.com wss://ws-mt1.pusher.com screenshots.bugherd.com/health sockjs.pusher.com *.bugherd.com sidebar.bugherd.com/binoculars tagging.oreo.com sessions.bugsnag.com *.bugsnag.com stats.g.doubleclick.net analytics.google.com nprd-gtm-d2c-1-server.mdlzapps.cloud privacyportal-de.onetrust.com cdn.acsbapp.com o19233.ingest.sentry.io analytics.tiktok.com analytics-ipv6.tiktokw.us analytics.pangle-ads.com geolocation.onetrust.com cdn.cookielaw.org *.google-analytics.com *.analytics.google.com *.shopify.com *.myshopify.com monorail-edge.shopifysvc.com s3-us-west-2.amazonaws.com *.click2cart.com click2cart.co *.click2cart.co shop.oreo.com sdk.iad-07.braze.com *.audioeye.com *.googlesyndication.com ad.doubleclick.net *.bazaarvoice.com stg.api.bazaarvoice.com www.facebook.com connect.facebook.net blob: *.googletagmanager.com *.mdlzapps.cloud 'self' https://monorail-edge.shopifysvc.com; form-action 'self' https://api.bazaarvoice.com https://www.facebook.com; object-src 'none'; img-src 'self' data: braze-images.com insight.adsrvr.org *.google.com cdnjs.cloudflare.com idsync.rlcdn.com www.mczbf.com tagging.oreo.com d.agkn.com stats.g.doubleclick.net analytics.google.com d2iiunr5ws5ch1.cloudfront.net c.lytics.io cm.g.doubleclick.net t.co ad.doubleclick.net googleads.g.doubleclick.net analytics.twitter.com cdn.cookielaw.org *.google-analytics.com blob: images.ctfassets.net videos.ctfassets.net cdn.shopify.com images-tastehub.mdlzapps.cloud click2cart.com *.bugherd.com *.mdlzapps.cloud widget.euw1.chat.pega.digital pega-chat-attachments-euw1.s3.eu-west-1.amazonaws.com *.googlesyndication.com www.google.com *.bazaarvoice.com www.facebook.com *.googletagmanager.com googletagmanager.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com; media-src 'self' data: images.ctfassets.net videos.ctfassets.net cdn.shopify.com images-tastehub.mdlzapps.cloud widget.euw1.chat.pega.digital pega-chat-attachments-euw1.s3.eu-west-1.amazonaws.com *.googlesyndication.com; script-src 'self' 'strict-dynamic' cdn.prod.uidapi.com privacyportalde-cdn.onetrust.com cdn.acsbapp.com pnzzmlvk.micpn.com acsbapp.com c.lytics.io analytics.tiktok.com acsbap.com cdn.cookielaw.org static.ads-twitter.com google.com *.google.com tagmanager.google.com blob: *.shopify.com 'unsafe-eval' s3-us-west-2.amazonaws.com *.click2cart.com 'unsafe-hashes' *.audioeye.com *.googletagmanager.com googletagmanager.com 'sha256-ldNO9pII0S0qZFNvWIu8QaeieCEU4Ebs/hKQcJiaav8=' 'sha256-JivjteQzOFNs0SxkyyivpTbXybbi3B4N57K3Pyny9og=' 'sha256-qVWbMXMqZjy+Le+NWOs0nMIk3zAS/IW8ZPIw850ZmuQ=' 'sha256-xWyeACf7ZOesFE8wK3sQrZWPcsC9gw1qe/uS2V0ERco=' 'sha256-7hiC1d6xCwoyVQpxYWf7gXI7sOo2WRNYvRY3v/RiCL4=' 'sha256-FktX8P26Qa8BEDjKcUTaYi31wGF8gz/5JH+aYBhxiYk=' *.bazaarvoice.com 'nonce-c79a2ec87e507e52e9b89964dae3b502'; font-src 'self' oreo.com assets.ctfassets.net privacyportalde-cdn.onetrust.com eprize-content.s3.amazonaws.com hello.myfonts.net/count/39ff8f www.oreo.com data: *.shopify.com maxcdn.bootstrapcdn.com fonts.gstatic.com; frame-src match.adsrvr.org insight.adsrvr.org ct.pinterest.com s.amazon-adsystem.com 'self' c.lytics.io *.google.com td.doubleclick.net *.doubleclick.net *.fls.doubleclick.net www.youtube.com www.youtube-nocookie.com *.bugherd.com *.audioeye.com *.webflow.io irxcm.com www.facebook.com *.facebook.com penpal-iframe-child-example.netlify.app http://localhost:5173 mdz-name-this-oreo-2024-stage-c6be302025e9.herokuapp.com mdz-name-this-oreo-2024-prod-f9b275aae9ff.herokuapp.com oreo.com *.oreo.com oreo-walks-2025-prod-4843db42174c.herokuapp.com oreo-walks-2024-stage-553b7390b50d.herokuapp.com *.bazaarvoice.com stg.api.bazaarvoice.com *.googletagmanager.com *.mdlzapps.cloud; worker-src 'self' blob: