x-frame-options Directives (3 total)
- allow-from
- deny
- sameorigin
x-frame-options
HTTP response headerX-Frame-Options is an obsolete header to instruct the browser to allow rendering a page within a frame or iframe. The header is used to enable the Clickjacking protection.
Header usage statistics
x-frame-options response header information and usage statistics.| Websites using header x-frame-options | 1,768,672 |
| Percentage of websites that use x-frame-options header | 15.18% |
| Total discovered header values | 4,776 |
| Header uses directives | Yes |
| Header values are unique or random | No |
| Most popular in the country | 
United States of America
|
x-frame-options Directives
x-frame-options directives value information and usage statistics| Directive | Share | Websites count | Unique Values |
|---|---|---|---|
| sameorigin | 66.87% | 1,182,757 | 6 |
| deny | 12.27% | 216,932 | 1 |
| allow-from | <0.1% | 198 | 69 |
Distribution by websites popularity
x-frame-options detection in the top websites by popularity| Top 10k sites | 4,400 websites |
| Top 100k sites | 20,728 websites |
| Top 1m sites | 178,525 websites |
Websites utilizing x-frame-options
List of websites that use x-frame-options header| Domain | Country | Rank | Contacts |
|---|---|---|---|
|
|
United States of America
|
2 | |
|
|
United States of America
|
3 | |
|
|
United States of America
|
4 | |
|
|
United States of America
|
4 | |
|
|
United States of America
|
5 | |
|
|
United States of America
|
5 |
Geographical Distribution
Header usage distribution by websites across the globe.Common header values
List of top common x-frame-options header values| Header value | Value prevalence |
|---|---|
| SAMEORIGIN | 83.09% |
| DENY | 14.97% |
| ALLOWALL | 0.59% |
| SAMEORIGIN, SAMEORIGIN | 0.28% |
| GOFORIT | 0.14% |
| ALLOW-FROM https://app.kajabi.com | 0.08% |
| ALLOW | 0.04% |
| * | 0.03% |
| SAMEORIGIN,SAMEORIGIN | 0.02% |
| ALLOW-FROM * | 0.02% |
| SAMEORIGIN; ALLOW-FROM 'studio.auswaertiges-amt.de'; ALLOW-FROM 'www.auswaertiges-amt.de'; | 0.02% |
| SAMEORIGIN, ALLOW-FROM *.cas.cn | 0.01% |
| SAMEORIGIN, SAMEORIGIN, SAMEORIGIN, SAMEORIGIN | 0.01% |
| DENY, sameorigin | 0.01% |
| ALLOW-FROM https://my.cratejoy.com | 0.01% |
| allow-from https://engine.prosites.com/ | 0.01% |
| ALLOW-FROM dashboard.pixieset.com | 0.01% |
| SAMEORIGIN, SAMEORIGIN, SAMEORIGIN | 0.01% |
| SAME-ORIGIN | 0.01% |
| ALLOW-FROM https://www.lodgify.com/ | 0.01% |