Skip to main content
SecScannerSecScanner
Security ChecksFree ToolsPricingBlog
Get Started
Sign InGet Started

Cookie Checker

Free online cookie checker and scanner. Scan any website to discover all cookies, check Secure, HttpOnly, and SameSite flags, verify cookie prefixes, and get actionable security recommendations.

What We Check

Full cookie inventory scan
Secure flag verification
HttpOnly attribute check
SameSite policy analysis
Cookie prefix validation (__Host-, __Secure-)
Session vs persistent cookie identification

How It Works

1

Enter any website URL to scan

2

We fetch the page and capture all Set-Cookie response headers

3

Each cookie is analyzed for security attributes (Secure, HttpOnly, SameSite)

4

Cookie prefixes and expiration settings are verified

5

You receive a full report with fix recommendations for each cookie

Security Checks Included

This tool runs the following security checks on your website

Set-Cookie headersCookie Security Prefixes

Frequently Asked Questions

What is a cookie checker?
A cookie checker is an online tool that scans a website and lists all cookies it sets, along with their security attributes. It helps you verify that cookies are configured securely and comply with best practices like using Secure, HttpOnly, and SameSite flags.
How do I check cookies on a website?
Enter the website URL in our cookie scanner above. We'll scan the site, identify all cookies from Set-Cookie headers, and show their security attributes including Secure, HttpOnly, and SameSite flags with recommendations.
What is the Secure cookie flag?
The Secure flag ensures cookies are only sent over HTTPS connections. Without it, cookies can be intercepted on insecure networks. Our cookie checker verifies this flag on every cookie.
What is the HttpOnly flag?
HttpOnly prevents JavaScript from accessing cookies via document.cookie, protecting against XSS attacks that try to steal session tokens. It's one of the most important cookie security attributes.
What is the SameSite attribute?
SameSite controls when cookies are sent with cross-site requests. Setting it to 'Strict' or 'Lax' protects against CSRF attacks. Our scanner checks this attribute on all cookies.
Why should I scan my website's cookies?
Cookie scanning helps you identify security risks like missing HttpOnly flags on session cookies, missing Secure flags, and improper SameSite settings that could expose users to session hijacking, XSS, and CSRF attacks.
Is this cookie scanner free?
Yes, our cookie checker is completely free. It's part of SecScanner's free security scanning toolkit that includes 22 free checks covering cookies, SSL, headers, DNS, and more.

Ready to Check Your Website?

Run a free security scan now and get instant results with actionable fix recommendations.

Product

  • Security Checks
  • Free Tools
  • SSL Checker
  • Vulnerability Scanner
  • Email Security
  • Pricing
  • Compliance
  • Security Reports

Popular Checks

  • CSP Check
  • HSTS Check
  • TLS Version Check
  • SSL Expiry Check
  • SPF/DKIM/DMARC Check
  • Cookie Security Check
  • JS Vulnerability Scan
  • OCSP Stapling Check

Resources

  • Blog
  • Glossary
  • Contact

Legal

  • Terms of Use
  • Privacy Policy
  • Refund Policy
  • Cookie Policy

© 2025-2026 SecScanner. All rights reserved.