block-all-mixed-content; report-uri https://blog.hatena.ne.jp/api/csp_report |
64.31% |
script-src 'unsafe-eval' 'self' https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline' internal-soap.wikia.com internal-soap.fandom.com internal-soap.wikia.org internal-soap.gamepedia.com www.fandom.com www.wikia.com www.wikia.org www.gam |
4.66% |
default-src *;script-src 'unsafe-inline' 'unsafe-eval' *;style-src 'unsafe-inline' *;connect-src * blob:;report-uri https://cdn.website-start.de/app/reporting/policyviolation/submit |
4.46% |
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport |
1.77% |
default-src *;script-src 'unsafe-inline' 'unsafe-eval' *;style-src 'unsafe-inline' *;connect-src * blob:;report-uri https://cdn.initial-website.com/app/reporting/policyviolation/submit |
1.28% |
script-src 'unsafe-eval' blob: 'self' meta.wikimedia.org *.wikimedia.org *.wikipedia.org *.wikinews.org *.wiktionary.org *.wikibooks.org *.wikiversity.org *.wikisource.org wikisource.org *.wikiquote.org *.wikidata.org *.wikivoyage.org *.mediawiki.org 'uns |
1.14% |
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report |
1.04% |
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report |
1.03% |
frame-ancestors 'self'; report-uri https://stores.jp/content_security_policy_reports |
0.78% |
font-src 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.auth |
0.72% |
default-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' data: https: 'unsafe-inline'; connect-src https: wss: 'unsafe-inline'; report-uri https://hi.report-uri.io/r/default/csp/reportOnly |
0.70% |
block-all-mixed-content; report-uri /csprep/log |
0.61% |
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://a3frkpbrnzxvdwnkpssx604n.httpschecker.net/report; report-to https://a3frkpbrnzxvdwnkpssx604n.httpschecker.net/report |
0.53% |
block-all-mixed-content; report-uri /global-cgi-bin/csp-report |
0.40% |
default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; report-uri https://sp.report-uri.com/r/default/csp/reportOnly |
0.39% |
default-src https: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://logger.kataweb.it/csp/ |
0.38% |
font-src 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcom |
0.37% |
child-src mc.yandex.md mc.yandex.ru;connect-src mc.admetrica.ru mc.yandex.ru yandex.ru;default-src 'none';img-src 'self' *.verify.yandex.ru avatars.mds.yandex.net awaps.yandex.net data: favicon.yandex.net mc.admetrica.ru mc.yandex.com mc.yandex.ru yandex. |
0.35% |
frame-ancestors 'self' *.hudl.com *.youtube.com *.sendtonews.com *.cbssports.com *.247sports.com *.scout.com *.ampproject.org *.amp.cloudflare.com; default-src https: 'unsafe-inline' 'unsafe-eval' wss: ;img-src https: data: blob: ; font-src https: data:; |
0.24% |
default-src https: data: 'unsafe-inline' 'unsafe-eval' |
0.24% |