Secure Cookie Tester
Inspect the cookies a site sets and check their Secure, HttpOnly and SameSite flags. Checked from Uptimeify's EU servers — cookie values are never shown.
End the manual growth tax.
Running checks by hand eats valuable agency time. Uptimeify monitors your entire client portfolio from one place — on a fair, organization-wide quota model, on secure EU infrastructure. No per-client fees, no surprises.
Frequently asked questions about Secure Cookie Tester
Three flags matter. Secure means the cookie is only sent over HTTPS. HttpOnly hides it from JavaScript, so an XSS bug can't read it. SameSite (Lax or Strict) stops the cookie from being sent on cross-site requests, which blocks most CSRF. Session and auth cookies should always have all three; SameSite=None requires Secure or browsers drop the cookie.
No — we only read the cookie names and their security flags from the Set-Cookie headers; the values are never returned or stored. The request runs on Uptimeify's EU servers and only allows http and https, refusing private or internal addresses. As an EU-built, EU-hosted provider, we keep this off US infrastructure and clear of US Cloud Act exposure.
A framework upgrade or proxy change can quietly drop a cookie flag and open a session-hijacking hole. Check your cookies here, then let Uptimeify watch the site continuously and alert you the moment its response changes unexpectedly.
Uptimeify for Agencies
A fair quota model instead of unfair per-client fees — monitor every client from one dashboard.
Explore featuresFree Agency Success Kit
Get exclusive SLA contract templates and white-label pitch decks to win and keep more clients.
Get the kitInteractive Profit Calculator
See the untapped margin hiding in your operations — calculate your agency's monitoring profit potential.
Open the calculator