Content-Secure-Policy HTTP response header

Content-Secure-Policy

HTTP response header

Header usage statistics

Content-Secure-Policy response header information and usage statistics.


Websites using header Content-Secure-Policy	2,979
Percentage of websites that use Content-Secure-Policy header	<0.1%
Total discovered header values	160
Header uses directives	No
Header values are unique or random	No
Most popular in the country	US

Content-Secure-Policy Directives

Content-Secure-Policy directives value information and usage statistics

Directive	Share	Websites count	Unique Values

Distribution by websites popularity

Content-Secure-Policy detection in the top websites by popularity

Top 10k sites	0 websites
Top 100k sites	7 websites
Top 1m sites	115 websites

Websites utilizing Content-Secure-Policy

List of websites that use Content-Secure-Policy header

Domain	Country	Rank
farsi.khamenei.ir	IR	28,962
www.tim.it	IT	31,513
www.ctt.pt	PT	35,635
www.sana.de	DE	42,682
www.sik.dk	DK	62,177
ethanmarcotte.com	US	78,937

See full domain list
Flat price per the report, subscription is not required.

Geographical Distribution

Header usage distribution by websites across the globe.

Common header values

List of top common Content-Secure-Policy header values

Header value	Value prevalence
default-src 'self';	56.03%
frame-ancestors 'none';	15.47%
default-src https: 'unsafe-inline' 'unsafe-eval';	5.64%
default-src 'self'; script-src ; img-src ; style-src *;	3.66%
default-src 'self'; img-src *	2.95%
default-src 'none'; script-src 'self' www.google-analytics.com ajax.googleapis.com; img-src *; style-src 'self';	1.71%
default-src 'none'; script-src 'self' fonts.googleapis.com ; img-src *; style-src 'self';	1.17%
default-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com c.imedia.cz www.google.com .gstatic.com .sharethis.com .facebook.net .facebook.com .doubleclick.com .googleadservices.com; img-src ; style-src ;	1.07%
frame-ancestors 'self';	0.91%
default-src 'none'; script-src 'self' www.google-analytics.com .googleapis.com www.googletagmanager.com s.ytimg.com www.youtube.com .googleusercontent.com; img-src *; style-src 'self';	0.60%
default-src 'self'	0.57%
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'	0.44%
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';	0.34%
frame-ancestors 'self' www.tru.ca ;	0.34%
default-src 'self';frame-ancestors 'none';	0.27%
default-src 'https';	0.27%
default-src self;	0.27%
default-src 'self'; script-src 'self' 'unsafe-eval';	0.23%
default-src 'none'; script-src 'self' purl.org xmlns.com ogp.me w3.org rdfs.org www.google-analytics.com ajax.googleapis.com; img-src *; style-src 'self';	0.23%
default-src 'none'; script-src 'self' cdn.iubenda.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-scripts.com js.hscollectedforms.net player.vimeo.com www.google-analytics.com ads.appinf.com; img-src *; style-src 'self' cdnjs.cloudflare.com fonts.googl	0.23%