Is cookielaw.org legit?

85
/ 100
Trusted
Industry: SaaS

This site appears trustworthy, particularly regarding its robust technical infrastructure and strong security measures. However, the redirection away from the primary domain and incomplete legal pages are minor points to consider.

SaaS average: 81/100 · based on 62 sites

Checked: April 21, 2026 at 6:18 AM UTC

Is cookielaw.org a scam? Here's what we found.

Security 95/100

The site boasts a strong security posture with a valid, modern SSL certificate, TLS 1.3, HSTS, CSP, and clickjacking protection, all backed by a clean Google Web Risk report.

Identity 90/100

The domain has a substantial age of 14 years, clearly visible WHOIS information, and a long expiry date, indicating a well-established and transparent identity, despite being registered through a common registrar.

Reputation 80/100

With an extremely high Tranco rank, clean DNS blacklists, and a long domain age, the site has a strong reputation. The redirect to another domain is a minor detractor from user experience.

Transparency 90/100

The site provides clear contact information and a complete branding presence, including social media links, demonstrating good transparency about its operations and how to engage with them.

Compliance 65/100

While the site is related to cookie law, the incomplete legal pages (missing either a privacy policy or terms of service) are a notable gap for compliance, especially given the site's explicit purpose.

Infrastructure 95/100

The underlying infrastructure is robust, featuring multiple IP resolvers, excellent email authentication (SPF, DMARC), Cloudflare for DNS and server, and a swift page load time.

Signals Detected

[+]
Tranco Rank: Rank #508

This is one of the most visited websites globally

[+]
Structured Data: Product data found

Site has structured product information — typical of legitimate e-commerce

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
SSL Certificate: Valid

Valid certificate, expires in 64 days

[?]
Certificate Issuer: Google Trust Services

Certificate issued by Google Trust Services

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[?]
Certificate Transparency: Unable to check

crt.sh returned status 429

[+]
DNS Resolution: 4 IP(s)

Resolves to: 2606:4700::6812:572a, 2606:4700::6812:562a, 104.18.87.42, 104.18.86.42

[+]
Email (MX Records): 2 record(s)

Mail servers: mxa-0085c101.gslb.pphosted.com., mxb-0085c101.gslb.pphosted.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[+]
Name Servers: 2 server(s)

DNS providers: bob.ns.cloudflare.com., sharon.ns.cloudflare.com.

[+]
robots.txt: Present

robots.txt has 21 directives

[+]
Branding: Complete

Site has custom branding and social media metadata

[~]
Redirect Check: Redirects away

Site redirects to https://www.onetrust.com/products/cookie-consent/

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[+]
Clickjacking Protection: Present

X-Frame-Options: SAMEORIGIN

[?]
Server: cloudflare

Web server: cloudflare

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[?]
Sitemap: Not found

No sitemap found — common for smaller sites

[+]
Domain Age: 14 years, 0 months

Domain created 2011-06-20T12:47:48Z (14 years, 0 months ago)

[?]
Registrar: NameCheap, Inc.

Registered through NameCheap, Inc.

[+]
Domain Expiry: 2030-06-20T12:47:48Z

Expires in 1521 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[+]
Website Status: Online

Website is live and responding

[+]
Contact Info: Found

Website appears to have contact information

[~]
Legal Pages: Partial

Website is missing either privacy policy or terms of service

[+]
Social Media Presence: 4 platforms

Website links to multiple social media platforms

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[+]
Page Load Time: 126ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for cookielaw.org
<a href="https://verified.fyi/review/cookielaw.org"><img src="https://verified.fyi/badge/cookielaw.org?size=medium&style=full&theme=dark" alt="cookielaw.org trust score — verified.fyi" /></a>
[![cookielaw.org trust score](https://verified.fyi/badge/cookielaw.org?size=medium&style=full&theme=dark)](https://verified.fyi/review/cookielaw.org)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating a domain like cookielaw.org, especially one associated with a critical area like cookie compliance, users are right to ask: is cookielaw.org legit? This domain functions primarily as a redirect to OneTrust, a major player in consent management platforms (CMPs) and data privacy software. In the SaaS industry, it's common for companies to acquire and manage multiple related domain names and use redirects to consolidate their branding or direct traffic to key product pages. For a site dealing with legal and technical compliance, a long domain age (14 years here) is a significant trust signal. It suggests a sustained presence and commitment to the field, rather than a fleeting operation. While the immediate redirect might seem unusual at first glance, it's a strategic move for larger software companies to channel traffic to their full product suites. Therefore, the trust of cookielaw.org is intrinsically linked to the trust of OneTrust, which is a reputable enterprise legal tech vendor. What's particularly important for a SaaS business in the privacy space is its adherence to its own legal obligations. The partial legal pages on cookielaw.org could be a concern if it were operating as an independent entity. However, given its function as a redirect to OneTrust, it's likely that the comprehensive legal documents reside on the OneTrust website, which is the ultimate destination for users. This integration is typical, but for absolute clarity directly on the original URL, a complete set of legal pages would be ideal.