there is a (security) header defined in the web.config file:
[add name="X-Frame-Options" value="SAMEORIGIN" /]
(You have to replace the square brackets - [ and ] - by angle brackets - < and >. If I use angle brackets in this forum, the line would not be displayed...)
This header blocks the display of the site in IFrames expect from the same site, and there is a good reason for that, as I explained in a video some years ago: Clickjacking - YouTube
If there is only one site that is allowed to display the content in an IFrame, vou can set it to
[add name="X-Frame-Options" value="ALLOW-FROM https://example.com/" /]
If there are more than one, you have solve that in your CSP (Content Security Policy), the setting there is frame-ancestors.
For more information read X-Frame-Options - HTTP | MDN (mozilla.org) and CSP: frame-ancestors - HTTP | MDN (mozilla.org).