default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net wss://*.hotjar.com 'self'; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft. |
33.51% |
default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; report-uri content.php?action=150&module=core&handler=ContentSecurityPolicyHandler&mode=reportCspViolation; report-to content.php?action=150&module=core&handler=ContentSecurityPolicyHandler&mode=rep |
19.07% |
report-uri /report-csp-violation |
3.09% |
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript: |
3.09% |
default-src 'self';img-src * data:;style-src 'self';font-src 'self';script-src 'self';connect-src 'self';frame-src 'self';child-src 'self';form-action 'self';block-all-mixed-content; report-uri https://bbcsp.report-uri.io/r/default/csp/reportOnly |
2.06% |
default-src 'self'; report-uri /admin/config/system/seckit/csp-report |
2.06% |
default-src https: 'unsafe-inline' 'unsafe-eval' data: about:; report-uri /_resources/php/csp-report.php |
1.55% |
default-src * |
1.55% |
default-src 'self' https://static.eole-web.fr http://static.eole-web.fr; script-src 'self' 'unsafe-eval' data: http://cdn.ckeditor.com https://cdn.ckeditor.com http://connect.facebook.net https://connect.facebook.net https://platform.twitter.com http://pl |
1.55% |
default-src https: 'unsafe-inline' 'unsafe-eval' data: about: blob:; report-uri /_resources/php/csp-report.php |
1.03% |
default-src 'self';img-src * data:;style-src 'self' 'unsafe-inline';font-src 'self';script-src 'self' 'unsafe-inline';connect-src 'self';frame-src 'self';child-src 'self';form-action 'self';block-all-mixed-content; report-uri https://bbcsp.report-uri.io/r |
1.03% |
report-uri /report-csp-violation; upgrade-insecure-requests |
1.03% |
block-all-mixed-content; report-uri https://csp-reports.pravmir.ru/https-mixed-content-logger/csp_report_log.php; |
1.03% |
block-all-mixed-content; report-uri https://www.matrony.ru/https-mixed-content-logger/csp_report_log.php; |
1.03% |
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /admin/config/system/seckit/csp-report |
1.03% |
default-src * 'unsafe-eval' 'unsafe-inline' data: filesystem: about: blob: ws: wss: https:; block-all-mixed-content; report-uri https://rum.bodybuilding.com/csp; |
1.03% |
default-src 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; img-src * data: zixx: zixxs: cid: file: blob:; font-src * data:; connect-src 'self' www.googleapis.com apis |
1.03% |
default-src 'self' *.nasa.gov; script-src 'self' 'unsafe-inline' 'unsafe-eval' s.ytimg.com *.googletagmanager.com *.earthdata.nasa.gov script.crazyegg.com *.google-analytics.com s3.amazonaws.com *.youtube.com cdn.datatables.net svc.webspellchecker.net *.f |
1.03% |
default-src 'self' blob:; script-src 'self' 'unsafe-eval' blob: https: www.google.com tags.tiqcdn.com secure.insightexpressai.com browser-update.org *.newrelic.com *.nr-data.net api.swiftype.com onqblog.disqus.com a.disquscdn.com platform.twitter.com snap |
1.03% |
default-src 'self' 'unsafe-inline' 'unsafe-eval' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' 'unsafe-eval' *; img-src 'self' 'unsafe-inline' 'unsafe-eval' *; med |
0.52% |