Web Cookies Scanner

All-in-one free web application security tool. Web application vulnerability and privacy scanner with support for HTTP cookies, Flash, HTML5 localStorage, sessionStorage, CANVAS, Supercookies, Evercookies. Includes a free SSL/TLS, HTML and HTTP vulnerability scanner and URL malware scanner.

Instructs the browser if the current website can be embedded in HTML frame by another website. Since this allows the parent website to control the framed page, this creates a potential for data theft attacks ("clickjacking") and most sensitive websites won't allow them to be framed at all (deny) or just allow parts of them to be embedded in frames created by themselves only (samesite).

Reference...

Value contains: Subtype: Subtype name:

We have seen 86220 websites setting the X-Frame-Options HTTP header and 884 unique values of this header.

ipsec.pl SAMEORIGIN
www.snapchat.com DENY
dnsbelgium.be SAMEORIGIN
www.rue21.com SAMEORIGIN
www.okzfg9no6.com SAMEORIGIN
marketbiznes.ru DENY
allvegaspoker.com SAMEORIGIN
lovefilm.com SAMEORIGIN
yahoo.com SAMEORIGIN
groupon.co.in DENY
nationalpost.com SAMEORIGIN
runkeeper.com SAMEORIGIN
assembla.com SAMEORIGIN
elgrafico.mx SAMEORIGIN
btc-e.com DENY
paymaster.ru SAMEORIGIN
thesitewizard.com SAMEORIGIN
spoonful.com SAMEORIGIN
mac.gov.pl SAMEORIGIN
ravelry.com SAMEORIGIN
regions.com SAMEORIGIN, SAMEORIGIN
slashcam.com SAMEORIGIN
perfectmoney.com DENY
cheetahmail.com SAMEORIGIN
nbcumv.com SameOrigin

Web Cookies Scanner

Websites setting X-Frame-Options HTTP header

Websites setting `X-Frame-Options` HTTP header