Skip to main content

Is cookieinformation.com a Scam? Security Check Results - Cookie Information Reviews

cookieinformation.com favicon

Is cookieinformation.com Safe? Security Analysis for Cookie Information

https://cookieinformation.com

Check if cookieinformation.com is a scam or legitimate. Free security scan and reviews.

TechnologyDenmarkmedium
WordPressElementorYoast SEOWP RocketjQuery+4 more
Analyzed 9/6/2025Completed 5:26:19 AM
70
Security Score
MEDIUM RISK

AI Summary

Cookie Information is a Denmark-based technology company specializing in privacy and compliance solutions, primarily offering a Consent Management Platform (CMP) tailored for marketers and organizations needing to comply with GDPR and other privacy regulations. The company positions itself as a market leader with a comprehensive suite of services including cookie banners for websites and mobile apps, integrations, and compliance tools. Their platform supports advanced features such as Google Consent Mode v2, enhancing data quality while respecting user privacy. Technically, the website is built on WordPress with Elementor and optimized for performance, SEO, and mobile responsiveness. The integration of marketing and analytics tools is consent-aware, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, though DNSSEC is not enabled and some CSP issues exist. Overall, the site demonstrates high professionalism, trustworthiness, and compliance readiness, making it a reliable resource for privacy management. Strategic recommendations include enabling DNSSEC, publishing a security policy, and adding vulnerability disclosure mechanisms to further enhance trust and security transparency.

Detected Technologies

WordPressElementorYoast SEOWP RocketjQueryHubSpotIntercomGoogle Tag ManagerPiwik PRO

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Cookie Information operates a SaaS business model focused on privacy compliance technology, targeting marketers and enterprises requiring cookie consent solutions. The company leverages partnerships with marketing platforms like HubSpot and analytics providers such as Piwik PRO and Google Analytics. Its multilingual website and comprehensive resource offerings indicate a global outreach strategy. The business benefits from a strong brand presence, consistent messaging, and trust signals including GDPR compliance and customer success stories. Revenue streams likely include subscription plans for CMP services and premium integrations. The company’s domain age and WHOIS data support its credibility and market presence since 2014, with a founding date in 2017. The absence of parent or subsidiary companies suggests an independent operation focused on core privacy technology services.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

s*****@cookieinformation.com

Phone Numbers (1)

+4589874***

Company Registration

Legal Name:

Cookie Information A/S

VAT Number:

DK-38758292

Security Posture Analysis

Comprehensive Security Assessment

The website enforces HTTPS with a valid SSL certificate and implements multiple security headers, contributing to a robust security posture. The domain status clientTransferProhibited prevents unauthorized domain transfers, enhancing domain security. However, DNSSEC is not enabled, which is a recommended best practice for DNS security. The JavaScript includes mechanisms to handle Content Security Policy violations, indicating some CSP configuration issues that could be tightened. No exposed sensitive data or vulnerable libraries were detected in the HTML content. The site lacks publicly available security policies or incident response information, which could improve transparency and preparedness. Overall, the security maturity is good, with room for improvement in DNS security and policy disclosures.

Strategic Recommendations

Priority Actions for Security Improvement

1

Enable DNSSEC on the domain to strengthen DNS security and prevent spoofing.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Cookie Information

Description:

Cookie Information is a global Privacy Provider that offers innovative privacy and compliance solutions to help organizations build trust in their brand by protecting the privacy of their users and employees.

Key Services:
Consent Management Platform for websitesConsent Banner for Mobile AppsIntegrations and pluginsBanner preview tool
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
WordPressElementorYoast SEOWP RocketjQueryHubSpotIntercomGoogle Tag ManagerPiwik PRO
Frameworks:
Elementor
Platforms:
WordPress
Performance:

fast

Mobile:

excellent

Accessibility:

good

SEO:

excellent

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced
  • Client transfer prohibited domain status
  • Cookie consent mechanism implemented
  • No exposed sensitive data in HTML

Analytics & Tracking

Services:
Google Analytics (Consent Mode v2)Piwik PRO
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Ad Networks:
Google AdsG2 Crowd
Tracking Pixels:
Facebook PixelPinterestLinkedIn Insight TagTwitter PixelGoogle Analytics (via Consent Mode)
Marketing Tools:
HubSpotOmniconvertIntercom
Transparency Level:good

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is fully accessible with rich content and professional design.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

15/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

95/100
Score

No Data Protection Officer mentioned

LOW

Large organizations may need to designate a DPO under GDPR

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

97/100
Score

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:_spf.google.com include:5354868.spf06.hubspotemail.net include:sendgrid.net -all
DNS Lookups:3/10
Policy:-all
DKIM Selectors Found
Selector:google(1416-bit rsa)
Selector:k2(1416-bit rsa)
Selector:selector1(1296-bit rsa)
Selector:s1(1440-bit rsa)
DMARC Details
Policy:quarantine
Aggregate Reports:dmarc-reports@cookieinformation.com
MTA-STS Details

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

62/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Soon

HIGH

SSL certificate expires in 29 days

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

85/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Domain Registration Details

Domain Age
11 years(mature)
Expiry Risk
low(171 days)
Protection Level
basicDNSSEC OFF

DNS Records

A Records:212.237.149.8
Name Servers:
ns.dandomain.dk
ns2.dandomain.dk
ns3.dandomain.dkDNS only
MX Records:
1: aspmx.l.google.com
10: alt4.aspmx.l.google.com
5: alt2.aspmx.l.google.com
10: alt3.aspmx.l.google.com
5: alt1.aspmx.l.google.com
SOA:Serial: 2025072801, TTL: 300s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:102ms

SPF Analysis

SPF Record:
v=spf1 include:_spf.google.com include:5354868.spf06.hubspotemail.net include:sendgrid.net -all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on a modern WordPress CMS platform using Elementor for page building and Yoast SEO for search optimization. Performance is enhanced by WP Rocket caching and lazy loading scripts. The site integrates multiple marketing and analytics tools such as HubSpot, Intercom, Google Tag Manager, and Piwik PRO, all managed with user consent mechanisms. The site is mobile-optimized with responsive design and accessibility considerations. DNS is managed via dandomain.dk with registrar Key-Systems GmbH. The domain is well-aged and configured with clientTransferProhibited status. Minor technical debt is noted in CSP handling and lack of DNSSEC. Overall, the technical infrastructure is solid, supporting a professional and scalable online presence.
Analyze Another Website