x-content-security-policy
HTTP response headerIt controls what domains subdomains and types of resources a browser is allowed to load on a given web page.
Header usage statistics
x-content-security-policy response header information and usage statistics.| Websites using header x-content-security-policy | 146,489 |
| Percentage of websites that use x-content-security-policy header | 0.18% |
| Total discovered header values | More than 10,000 |
| Header uses directives | No |
| Header values are unique or random | No |
| Most popular in the country |  United States |
x-content-security-policy Directives
x-content-security-policy directives value information and usage statistics| Directive | Share | Websites count | Unique Values |
|---|
x-content-security-policy header usage distribution by website rank
Geographical Distribution
Header usage distribution by websites across the globe.Websites utilizing x-content-security-policy
List of websites that use x-content-security-policy header| Domain | Country | Rank | Contacts |
|---|---|---|---|
 Germany | 245 | ||
| Germany | 245 | ||
| United States | 349 | ||
| United States | 734 | ||
| United States | 735 | ||
| United States | 820 |
Common header values
List of top common x-content-security-policy header values| Header value | Value prevalence |
|---|---|
| default-src 'self'; img-src *; media-src * data:; | 19.76% |
| default-src 'self' 'unsafe-inline' | 13.30% |
| default-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; connect-src 'self' https://hcaptcha.com https:// | 12.53% |
| default-src 'self' | 4.71% |
| frame-ancestors 'self' | 4.53% |
| allow 'self'; | 3.23% |
| frame-src * | 2.65% |
| default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; | 2.04% |
| default-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self' data:; style-src 'self'; | 1.98% |
| img-src *; media-src * data:; | 1.85% |
| script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' data: ; object-src 'self' data: ; frame-src 'self' data: ; | 1.79% |
| default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self' | 1.74% |
| default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; object-src 'self'; frame-src 'self'; frame-ancestors 'self'; | 1.72% |
| frame-ancestors * | 0.91% |
| frame-ancestors 'self' https://uscreen.io https://*.uscreen.io https://www.uscreen.tv https://app.uscreen.tv/ | 0.72% |
| default-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self' data:; style-src 'self'; reflected-xss block; | 0.62% |
| default-src 'self'; script-src 'self'; | 0.45% |
| default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org; | 0.45% |
| frame-ancestors 'self'; | 0.35% |
| default-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self' data:; style-src 'self'; object-src 'self'; frame-src 'self'; frame-ancestors 'self'; | 0.31% |