How to Find Every Cookie on Your Website (Free Scanner)

Quick answer: Most websites set cookies they don't know about. Third-party scripts like Google Analytics, Facebook Pixel, and chat widgets install tracking cookies automatically. The fastest way to find every cookie is to use a free cookie scanner — it identifies, categorizes, and lists all cookies in under 60 seconds.

Why Don't I Know What Cookies My Website Uses?

When you add a script, plugin, or third-party service to your website, it often sets cookies without explicit documentation. A typical business website with Google Analytics, a chat widget, and social media buttons can easily have 15-30 cookies — most of which the site owner never intentionally added.

Under GDPR, you are responsible for every cookie set on your website, including those from third-party scripts. Not knowing what cookies exist is not a defense against a fine.

How to Scan Your Website for Cookies

Method 1: Automated Cookie Scanner (Recommended)

The fastest and most reliable method is using an automated scanner like PrivacyChecker:

1. Enter your website URL at privacychecker.pro
2. The scanner loads your page in a real browser and captures every cookie that gets set
3. Each cookie is categorized as essential, analytics, marketing, or functional
4. You get a full report showing cookie name, domain, expiry, purpose, and category

This takes under 60 seconds and catches cookies that manual methods miss.

Method 2: Browser Developer Tools

For a manual check on individual pages:

1. Open your website in Chrome or Firefox
2. Press F12 to open Developer Tools
3. Go to the Application tab (Chrome) or Storage tab (Firefox)
4. Click Cookies in the left sidebar
5. You'll see all cookies with their name, value, domain, path, and expiry

Limitation: This only shows cookies on the current page. Different pages may set different cookies (e.g., checkout pages, login pages, blog pages with embedded videos).

Method 3: JavaScript Console

For a quick list, open the browser console (F12 → Console tab) and type:

document.cookie.split(';').forEach(c => console.log(c.trim()));

Limitation: This only shows first-party cookies. HttpOnly cookies and third-party cookies won't appear in this list.

The Most Common Cookies You'll Find

What to Do After Finding Your Cookies

1. Categorize each cookie as essential, analytics, marketing, or functional
2. Remove unnecessary cookies — if you don't actively use a tool, remove its script
3. Update your cookie policy — list every cookie with its purpose and duration
4. Configure your consent banner to block non-essential cookies until consent is given
5. Test that blocking works — after rejecting cookies, re-scan to verify they don't load

For a complete guide on implementing a compliant banner, see ourCookie Consent Banner guide.

Frequently Asked Questions

How many cookies does a typical website have?

A typical business website has between 10 and 40 cookies. E-commerce sites often have 30-50+ due to payment processors, retargeting pixels, and product recommendation engines. Simple blogs may have 5-15.

Can I have a website with zero cookies?

Yes, but it's unusual. A static HTML website with no analytics, no forms, and no third-party scripts can operate without any cookies. If you need analytics, cookie-free alternatives like Plausible or Umami provide traffic data without setting any cookies.

Do I need to list cookies in my privacy policy?

Yes. Under GDPR and the ePrivacy Directive, you must declare all non-essential cookies, their purposes, retention period, and whether they share data with third parties. A privacy policy generator may help, but verify it captures all your actual cookies.