Content-Secure-Policy

HTTP response header

Header usage statistics

Content-Secure-Policy response header information and usage statistics.

Websites using header Content-Secure-Policy 485
Percentage of websites that use Content-Secure-Policy header <0.1%
Total discovered header values 75
Header uses directives No
Header values are unique or random No
Most popular in the country United States of America

Distribution by websites popularity

Content-Secure-Policy detection in the top websites by popularity

Top 10k sites 0 websites
Top 100k sites 4 websites
Top 1m sites 83 websites

Websites utilizing Content-Secure-Policy

List of websites that use Content-Secure-Policy header

Domain Country Rank Contacts
cmetracker.net United States of America 10,306
bechshistory.com United States of America 30,565
yousuckatcooking.com United States of America 69,372
tim.it Italy 97,358
sbi.co.in India 108,282
team17.com United States of America 112,077
See full domain list
Flat price per report, subscription is not required.

Geographical Distribution

Header usage distribution by websites across the globe.






Common header values

List of top common Content-Secure-Policy header values

Header value Value prevalence
default-src 'self'; 42.89%
frame-ancestors 'none'; 25.98%
frame-ancestors 'self'; 3.09%
frame-ancestors 'self' 1.86%
default-src 'none'; script-src 'self' www.google-analytics.com ajax.googleapis.com; img-src *; style-src 'self'; 1.65%
default-src 'self'; script-src *; img-src *; style-src *; 1.24%
default-src 'none'; script-src 'self' cdn.iubenda.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-scripts.com js.hscollectedforms.net player.vimeo.com www.google-analytics.com; img-src *; style-src 'self' cdnjs.cloudflare.com fonts.googleapis.com; fon 1.03%
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self' 1.03%
frame-ancestors 'self' *.googletagmanager.com 1.03%
default-src 'none'; script-src *; img-src *; style-src 'self'; 0.82%
default-src 'none'; script-src 'self' www.google-analytics.com *.googleapis.com www.googletagmanager.com s.ytimg.com www.youtube.com *.googleusercontent.com; img-src *; style-src 'self'; 0.82%
default-src 'none'; script-src 'self' fonts.googleapis.com ; img-src *; style-src 'self'; 0.62%
default-src 'none'; script-src 'self' purl.org xmlns.com ogp.me w3.org rdfs.org www.google-analytics.com ajax.googleapis.com; img-src *; style-src 'self'; 0.62%
default-src 'none'; script-src 'self'; img-src *; style-src 'self'; 0.62%
default-src https: 'unsafe-inline' 'unsafe-eval'; 0.62%
frame-ancestors 'self' www.tru.ca ; 0.62%
default-src 'self' myaguda.co.il; 0.41%
default-src 'self' 'universo.pt';” 0.41%
default-src 'self' data: 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com *.facebook.net *.twitter.com *.jquery.com https://assets.ubembed.com *.gstatic.com https://p.adsymptotic.com *.linkedin.com *.licdn.com t.co *.faceb 0.41%
upgrade-insecure-requests; 0.41%