Values for x-xss-protection:
1; mode=block 124,095
1 8,232
0 7,257
1;mode=block 2,801
1; mode=block; 638
1;  mode=block 320
"1; mode=block" 134
"1; mode=block" always 121
1; mode=block; report=/xssProtection.txt 120
1; 88
0; mode=block 70
1; mode=block; report=https://csp.search.yahoo.com/xssreport 69
1; mode = block 60
0;report=https://cdn.website-start.de/app/reporting/policyviolation/submit 35
1 ; mode=block 33
1; mode=block, 1; mode=block 33
23
: 1;mode=block 22
1; mode=block; report=https://cspreport.mail.ru/xxssprotection 19
1; mode=block; report=/others/xss-report.htm 19
mode=block 17
1; mode=block; report=https://hyperia.report-uri.com 17
1; mode-block 16
1; mode=block; report=/beacon/csp.php 14
1;report=https://csp.surveymonkey.com/report?e=false&c=prod&ar=true 14
: 1; mode=block 14
0; 13
1;mod=block 13
X-XSS-Protection: 1; mode=block 12
1;mode=block; 11
1, mode=block 11
1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport 10
1;mode=block;report=https://cspreport.mail.ru/xxssprotection 10
1; report=/nmms/csp-reporting-lo 9
: 1; mode=block 8
"1; mode=block"; 8
1 ;mode=block 8
1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce 7
1; mode=block; report=https://reporting.go-mpulse.net/report/FDSGP-LEB9B-T8Y2A-5V5ED-9WX2T 7
'1; mode=block' 7
: 1;mode=block 7
1; mode= block 7
1; mode=block 7
: mod=block 6
â€ś1; mode=blockâ€ť 6
1; mode=block; report=/error/xss-violation 6
1; mode=block; report=/xxss-violation-report-endpoint/ 6
1; report=/xss_reports 5
1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce 5
1 mode=BLOCK 5
add_header X-XSS-Protection "1; mode=block"; 5
1; report=https://www.web-stat.com/ajax.htm?action=Log 5
1: mode=block 5
1;mode=block;report=<reporting-uri> 5
1; mode=block; report=https://elnino.report-uri.com/r/d/xss/enforce 5
1; report=URI 5
1; mode:block 4
1,mode=block 4
1; mode=block always 4
1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce 4
1; block 4
1; mode=block; report=/security-report.php 4
1:mode=block 4
value=1; mode=block 4
1; mode=block; report=https://aipi.report/xss-violation-report 4
1; mode=block; report=https://sentry.io/api/1420452/security/?sentry_key=f85611b7b4134a16a36ce1e9a577c578 3
1;mode = block 3
1, 1; mode=block 3
s1; mode=block 3
1; mode=block; report=https://www.e2open.com?gdsih-xxp-report; 3
'1;mode=block' 3
1; mode=block; report=https://fantastic.report-uri.com/r/d/xss/enforce 3
1; mode=block; report=/local/ajax/CSP.php 3
1; mode=block; report=https://o374816.ingest.sentry.io/api/5193428/security/?sentry_key=077f835ce0ba4860b4b0c62ed9d27079&sentry_environment=prod 3
nosniff 3
1; mode=block; always 3
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce 3
1; mode=block; report=/xss/report 3
1; block; 3
1; mode=block; report=https://thetote.report-uri.com/r/d/xss/enforce 3
1; mode=block; report=https://vizus.report-uri.com/r/d/xss/enforce 3
"1; mode=block" always; 3
0;report=https://cdn.initial-website.com/app/reporting/policyviolation/submit 3
1; report=/csp-report 2
1; mode=block; report=https://idcqaenforce.report-uri.com/r/d/xss/enforce 2
1; mode=block; report=https://xss-report.1stdibs.com/ 2
1; mode =block 2
1; mode=block; report=/nelmio/xss/report 2
1; mode=block; report=https://internations.report-uri.com/r/t/xss/enforce 2
1; mode=block; report=https://www.rockefellerfoundation.org?gdsih-xxp-report; 2
1; mode=block; report=https://zero.report-uri.com/r/d/xss/enforce 2
1; mode=block; report=https://www.virginpulse.com/?gdsih-xxp-report; 2
1; mode=block; report=https://hipages.report-uri.com/r/d/xss/enforce 2
1; mode=block" 2
1; mode=block; report=https://reporting.go-mpulse.net/report/ESGA4-ZKPPH-CRQZS-M8LQ7-ZVYEQ 2
1; mode=block; report=https://partnerize.com?gdsih-xxp-report; 2
1; mode=block; report=/xsslog 2
1; mode=block; report=... 2
: 0 2
: 1 2
1; mode=block; report="https://unicycle.net/report/xss.php" 2
1; report=https://afy.ru/report.php 2
1; mode=block; report=https://webmechanix.report-uri.com/r/d/xss/enforce 2
1; mode=block; report=https://ecostruxureit.report-uri.com/r/t/xss/enforce 2
1; report=/api/error-reporting/logXssReport 2
1; mode=block; report=https://partssource.report-uri.com/r/d/xss/enforce 2
1; mode=block; report=https://pininfarina.it/en/?gdsih-xxp-report; 2
1; mode=block; report=https://bzcsp.report-uri.com/r/d/xss/reportOnly 2
1; mode=block; report-uri='https://eventfrog.report-uri.com/r/d/xss/enforce' 2
1; mod=block 2
1; report=https://55dafc20b00345383dabdc090f37b786.report-uri.com/r/t/xss/enforce 2
0, 1; mode=block 2
1;model=block 2
1; mode=block; report=https://hciyork.report-uri.com/r/d/xss/enforce 2
1; mode=block; report=https://roweb.report-uri.com/r/d/xss/enforce 2
1, "mode=block" 2
1; mode=block [2] 2
1; mode=block;X-Frame-Options: SAMEORIGIN; 2
1; mode=block; report=https://viega.report-uri.com/r/t/xss/reportOnly 2
1; report=https://achtzig20.report-uri.com/r/d/xss/enforce 2
1; mode=deny 2
: mod=block 2
1\; mode=block 2
1; report=/hc/csp 1
0; report=/xss-report?source%5Baction%5D=index&source%5Bapp%5D=ArriveWebsite&source%5Bcontroller%5D=marketing&source%5Buuid%5D=b57664ef-2a54-43fb-af7d-17a8539190d1 1
1; mode=block; report=https://rubrik.report-uri.com/r/d/xss/enforce 1
1; report=https://indigo.report-uri.com/r/d/xss/reportOnly 1
value 1
1; mode=block; report=/secure-headers/report/r/d/xss/enforce 1
1;
       mode=block 1
1; mode=block; report=https://eventure.report-uri.com/r/d/xss/enforce 1
1; report=https://krisha.kz/status/xssReport 1
1; mode=block; report=https://backinstock.org; 1
1; mode=block; report=https://jloh.report-uri.com/r/d/xss/enforce 1
1; report=https://d2689ebe5e29efe933d4a847c25ddecd.report-uri.com/r/d/csp/enforce 1
1 .vo.msecnd.net; mode=block 1
1; report=/xss-report.do 1
1; mode=block; report=/a5f00e520ff6eed47b239b2a79f1af2289e79c1b536643db8b3dfa3eed23ad38 1
1; mode=block; report=https://api.jeurissen.co/reports/xss/web/carlos.jeurissen.co 1
0,0,0,0,0,0 1
X-XSS-Protection 1
1; mode=block; report=https://www.spscommerce.com?gdsih-xxp-report; 1
1; mode=block; report=https://ordermygear.report-uri.com/r/t/xss/enforce 1
1; report=https://www.wort.lu/report 1
1; mode=block; report=https://www.zinghr.com?gdsih-xxp-report; 1
0, 1, mode=block, report= 1
1; report=/api/csp-report/5f3f05c46e0627d2acfe4857ed84e8fc8dde6ef2 1
1; mode=block; report=https://websiteworld.com/logs/attack.txt 1
1; mode=block; report=https://localnews8.com?gdsih-xxp-report; 1
1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://rs.elcode.ru/xss 1
'1'; 1
1; report=https://quantum.esu.edu/csp/csp-parser.php 1
0,0,0,0,0,0,0,0,0,0,0 1
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopifyAppStore&source%5Bcontroller%5D=merchant%2Fapp_details&source%5Buuid%5D=fc143d6e-e634-46d4-85e2-3e3cf813047b 1
1; report=https://allegroapi.io/seclog/xss 1
1, 1 1
1; report=https://verkkokauppa.report-uri.com/r/t/xss/enforce 1
1;                                     mode=block 1
microphone 'self' 1
1; mode=block 1
1; mode=block; report=https://pluginalliance.report-uri.com/r/d/xss/enforce 1
1; report=/api/report-csp-violation/ 1
1; mode=block; report=https//www.pacogames.com/services/xss 1
0 1
1; mode=block; report=https://essential.gg/api/report/cross-site-scripting 1
block 1
1; mode=block; report=https://www.castlighthealth.com?gdsih-xxp-report; 1
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopifyAppStore&source%5Bcontroller%5D=merchant%2Fapp_details&source%5Buuid%5D=ea54dc5d-3db7-41a9-8f16-edea36a73902 1
1; report=/api/1/data.report_security 1
1; mode=block; report=https://caretobeauty.report-uri.com/r/d/xss/enforce 1
1; report=https://2992bde6ad0fcd23e8e1194ddc9ae1ea.report-uri.com/r/d/xss/reportOnly 1
X-XSS-Protection: 1; report=/Sitefinity/Frontend/Diagnostics/HttpHeadersReport?header=X-XSS-Protection 1
1; report=https://greens.report-uri.com/r/d/xss/reportOnly 1
1; mode=block; report=https://vzpcz.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopifyAppStore&source%5Bcontroller%5D=merchant%2Fapp_details&source%5Buuid%5D=d1b3a2e5-995b-4fef-88b6-cc5981408ba2 1
1; mode=block; report=https://glexia.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopifyAppStore&source%5Bcontroller%5D=merchant%2Fapp_details&source%5Buuid%5D=a61be3c0-f272-4cd2-9324-50690ef6ff3b 1
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce 1
1; report=1 1
1; report=/api/csp 1
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopifyAppStore&source%5Bcontroller%5D=merchant%2Fapp_details&source%5Buuid%5D=e634b525-91f0-49ac-80ef-84806e944517 1
1; mode=block; report=https://panascais.net/api/report/cross-site-scripting 1
1; mode=block; report=https://cellmapper.report-uri.com/r/d/xss/enforce 1
1; mode=block[2] 1
none 1
1; mode=block; report=https://northmemorial.com?gdsih-xxp-report; 1
1; report=https://6cfee9ad2f0a0f5886b889b97f0c1e3e.report-uri.com/r/d/xss/reportOnly 1
: 1 1
1; mode: block; 1
l;mode=block 1
1; report=https://www.luxtimes.lu/report 1
1; report=https://abcsp.report-uri.com/r/d/csp/reportOnly 1
1; mode=block; report=/v1/xss?url=%2F 1
1; mode=block; report=https://29977f31d1f0eee3894a742ddae91cae.report-uri.com/r/d/xss/reportOnly 1
1; mode=block; report=https://21torr.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://www.spok.com?gdsih-xxp-report; 1
1; report=https://www.pearl.fr/http-headers-report 1
1; report=/violation-report.php 1
1; mode=block; report=/report-xss 1
1; mode=blockâ€ť 1
1; mode=block; report=https://cirro.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://www.stopkillerrobots.org?gdsih-xxp-report; 1
1; mode=block; report="https://www.med24.dk/httpReport/X-XSS-Protection/1685932345" 1
1; mode=block; report=https://6c20096530348707611466d249183c11.report-uri.com/r/d/xss/enforce 1
1; report=https://6d153c89aff98df62a0c4c4c2847c74e.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://sentry.io/api/41432/security/?sentry_key=8263757b037c48dcafd3483e0970ca14 1
1; report=https://failte.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://feldman.report-uri.com/r/d/xss/enforce 1
1; mode=block always; 1
1; mode=block; report=/xss-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=engineering_blog%2Fblog&source%5Bdomain%5D=shopify.engineering&source%5Bsection%5D=brochure&source%5Buuid%5D=9258bf31-2cd2-46e9-a256-5487e7aedfdd 1
1; mode=block; report=https://api.clearbooks.co.uk/security-reporting/xss 1
1; mode=block; report=https://rootbg.report-uri.com/r/d/xss/enforce 1
1;report=https://www.asmc.de/report 1
" 1
1; mode=block; report=https://serge.report-uri.com/r/d/csp/enforce 1
1; mode=block; report=https://freetibet.org?gdsih-xxp-report; 1
1; mode=block; report="https://www.med24.se/httpReport/X-XSS-Protection/1685933743" 1
1; mode=block; report=https://fusionapps.report-uri.com/r/d/xss/enforce 1
1; mode=block; report="https://www.med24.no/httpReport/X-XSS-Protection/1685938314" 1
1; mode=block; report=https://www.inttra.com?gdsih-xxp-report; 1
D1; mode=block 1
ALWAYS 1
1; mode=block; report=https://www.banknorwegian.no/log/csp 1
1; mode=block; report=https://vapoo.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://www.safebreach.com?gdsih-xxp-report; 1
1; mode=block; report=https://quantum-health.com?gdsih-xxp-report; 1
1; mode=block; report=https://vastlimits.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://www.nrmca.org?gdsih-xxp-report; 1
1; mode=block; report=https://nestxss.report-uri.com/r/d/xss/enforce 1
X-XSS-Protection" "1; mode=block 1
1; mode=block; report=https://ntpages.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopifyAppStore&source%5Bcontroller%5D=merchant%2Fpartners&source%5Buuid%5D=5bf1fbca-fbe5-40e4-a086-ad0efd0d8a3f 1
1; mode=block   X-Content-Type-Options: nosniff 1
1; mode=block; report=https://itsupport.kiev.ua/x-xss-protection-report 1
1; mode=block; report=https://invb.ru/ 1
1; mode=block; report=https://coinloan.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://provider.pl?gdsih-xxp-report; 1
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopifyAppStore&source%5Bcontroller%5D=merchant%2Fapp_details&source%5Buuid%5D=39739223-643c-4528-a1c4-8a6649f35282 1
1;mode=block 1
1; mode=block, 1; mode=block, 1; mode=block 1
1; mode=block; report=https://league.com?gdsih-xxp-report; 1
1; mode=block; report=/api/csp/report 1
1; mode=block; report=https://secure.wonderline.eu/reports/xss-protection/ 1
1; model=block 1
1; mode=block; report=https://www.blujaysolutions.com?gdsih-xxp-report; 1
0; report=/069b75c4f2e07da64b888cac9af4ea98c60c3e6787e0368d1a5ab34114eda24e 1
1; mode=block; report=https://wptouch.com/; 1
1; mode=block; report=https://paulmromer.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopifyAppStore&source%5Bcontroller%5D=merchant%2Fapp_details&source%5Buuid%5D=50ebab19-8f8c-4a7f-90c7-1c4845e5e1f4 1
1; mode=block; report=https://arnove.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://cisofy.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://www.banknorwegian.de/log/csp 1
1; mode=block; report=https://www.hvst.com/csp-report 1
1; mode=block; report=https://mills.report-uri.com/r/d/xss/enforce 1
1; mode_block 1
1; report=https://o266291.ingest.sentry.io/api/5647787/security/?sentry_key=a72999d558b84b939ee7095e8a8c18e3 1
1; mode=block; report=https://netsolutionstoday.com?gdsih-xxp-report; 1
0; mode=allow 1
1; mode=block; report=https://bbcsp.report-uri.com/r/d/xss/enforce 1
'1'; mode='block' 1
1; mode=block; report=https://www.banknorwegian.se/log/csp 1
1; mode=block; report=https://www.unidata.it?gdsih-xxp-report; 1
1; mode=block; report=https://swimlane.com?gdsih-xxp-report; 1
1;mode=block;report=https://alphawave.report-uri.com/r/d/xss/enforce 1
1; report=https://advisa.report-uri.com/r/d/xss/reportOnly 1
1; report=/csp-violation 1
0;mode=block 1
1;        mode=block 1
1; mode=block; report=https://malwarezero.report-uri.com/r/default/xss/enforce 1
SAMEORIGIN 1
1; mode=block; report=/api/report-csp 1
1;mode=block 1
1; mode=block, public 1
1;		mode=block 1
1; report=/csp-violation; mode=block 1
1; mode=block; report=https://www.kyocode.com?gdsih-xxp-report; 1
1; mode=block; report=https://forums.seloc.org/csp-hotline.php?xss-report 1
geolocation 'self' https://ebanking.avanzbanc.com https://www.avanzbanc.com http://crl3.digicert.com http://ocsp.digicert.com 1
1; mode=block; report=https://api.jeurissen.co/reports/xss/web/playxylo.com 1
1; report=/main/sys/report 1
1; mode=block; report=https://www.nano-di.com?gdsih-xxp-report; 1
1; report=http://m2ch.hk/browser-reports 1
1; report=https://login.xtm.cloud:443/saas-manager/cspReport.serv 1
1; mode=block' 1
1; mode=block; report=https://energynet.report-uri.com/r/d/xss/enforce 1
1; mode=block; report="https://e44243558046671cd5cc224d223c92e6.report-uri.com/r/d/xss/enforce" 1
X-XSS-Protection: 1 1
1;mode-block 1
1; mode=sanitize 1
1; mode=blockver 1
1; mode=block; report=https://gravie.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://pestakeholder.org?gdsih-xxp-report; 1
1; mode=block 2 1
1; report=https://www.newyork.nl/?csp-violation-report=1 1
1; report=https://www.newyork.co.uk/?csp-violation-report=1 1
1; mode=block; report=https://insolutionsglobal.com?gdsih-xxp-report; 1
1; mode=bolck 1
-1; mode=block 1
1; mode=block,1; mode=block 1
1; mode=block" always 1
1:mode=block; 1
1; mode=block; report=https://mx.org.ua/x-xss-protection-report 1
1; report=https://5july.org/wp-json/wpcsp/v1/route/LogPolicyViolation?_wpnonce=63c3097415 1
noopen 1
0;report=https://cdn.eu.mywebsite-editor.com/app/reporting/policyviolation/submit 1
1; mode=block; report=https://www.crossdresserheaven.com?gdsec-xxp-report; 1
1; mode=block 1
1; mode=blockaddXFrameOptionsHeader 1
1; mode=block; report=https://cdslegal.com?gdsih-xxp-report; 1
1; mode=block; report=https://www.qualcommventures.com?gdsih-xxp-report; 1
1; mode=block; report=https://katabat.com?gdsih-xxp-report; 1
1; mode=block; report=https://gameintel.io/xss-enforce-violation-reporting; 1
1; report=https://promokodio.com/api/report/xss 1
1; mode=block; report=https://security.itgalaxy.company/report 1
1; mode=block: X-XSS-Protection: 1; report=http://balajisoftsol.com/xss 1
1; report=https://evadept.com/xss_alert 1
1;report=/report-xss 1
1; mode=block; report=https://propertii.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://oteleuro.ru/sentry-integration/x-xss-protection/report/ 1
1; mode=block; report=https://www.dimensionengineering.com/sec-report/ 1
1; mode=block; report=https://www.zomato.com/cspreport.php 1
1; mode=block; report=https://fotoskoda.report-uri.com/r/d/xss/enforce 1
1;    mode=block 1
1; mode=block; report=https://www.eight25media.com?gdsih-xxp-report; 1
1; mode=block; report=https://inventaire.io/api/reports?action=csp-report; 1
1; mode=block; report-uri=/csp/report.php 1
1; report=/csp-violations/ 1
1; mode=block; report=https://transcore.com?gdsih-xxp-report; 1
1; mode=block; report=https://basiscode.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://terso.report-uri.com/r/d/xss/enforce 1
1; mode=block; report=https://staffordhosts.co.uk?gdsih-xxp-report; 1
1; mode=block; report=https://veracitycommon.report-uri.com/r/t/xss/enforce 1
1; report=https://charanga.com/general/csp_logger 1
default-src: https:; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN 1
1; mode=block; report=https://ip-games.ru/xss_reports 1
1; mode=block; report=https://bitwoci.report-uri.com/r/d/xss/enforce 1
1;mode=block;report=https://bairwell.report-uri.com/r/d/csp/enforce 1
1; mode=block; xss=on; 1
1; mode=blocke 1
1  mode=block 1
1;made=block 1
* 1
1 'block' 1
1; mode=block; report=https://datakitchen.io?gdsih-xxp-report; 1
1; report=/Ajax/ContentSecurityPolicy/report 1
1; mode=block; report=http://www.wincan.com?gdsih-xxp-report; 1
1; mode=block; report=https://reporting.go-mpulse.net/report/8WYVA-VHWT3-NJU5F-XVBLK-47DNY 1
1; mode=block; report=https://www.melbournevaluers.net.au?gdsih-xxp-report; 1
1; mode=block; report=https://www.hse.ru/n/api/xss/report 1
0; report=/xss-report?source%5Baction%5D=index&source%5Bapp%5D=ArriveWebsite&source%5Bcontroller%5D=marketing&source%5Buuid%5D=b21363ea-631b-4b8f-8390-84a6ec0b498c 1
1; mode=block; report="https://report.atraining.net/xss" 1
1; mode=block; report=https://fordthunderbirdforum.com/logs/attack.txt 1
1; mode=block; report=https://sentry.io/api/12909/security/?sentry_key=1610ada4146c464fa0d641df9d41ff59&sentry_environment=production&sentry_release=R20230531090956 1
1; mode=block, 1; mode=block;, 1; mode=block; 1
1; mode=block; report=https://flyerheroes.com; 1