CSP Data for: df.eu


default-src 'self' https://www.google-analytics.com https://*.optimizely.com; font-src 'self'; frame-src *.vimeocdn.com https://www.google.com https://*.facebook.com https://*.optimizely.com www.youtube.com https://*.fls.doubleclick.net 'self' https://*.facebook.net *.vimeo.com; img-src https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://*.multiscreensite.com 'self' https://www.google.de 'unsafe-inline' https://www.df.eu/ https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://www.google.com https://*.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://connect.facebook.net ajax.googleapis.com https://www.googleadservices.com 'self' https://*.ampproject.org https://static.ads-twitter.com 'unsafe-inline' 'unsafe-eval' https://*.twitter.com https://bat.bing.com https://www.google-analytics.com https://www.dwin1.com https://static-artifact.heg-cp.com https://cdn.polyfill.io; style-src 'self' 'unsafe-inline'; 
default-src 'self' https://*.facebook.com https://www.google-analytics.com https://*.optimizely.com; font-src 'self' https://optimizely.github.io; frame-src *.vimeocdn.com https://www.google.com https://*.facebook.com https://*.optimizely.com www.youtube.com https://*.fls.doubleclick.net 'self' https://*.facebook.net *.vimeo.com; img-src https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://*.multiscreensite.com 'self' https://www.google.de 'unsafe-inline' https://www.df.eu/ https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://*.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://*.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://static-artifact.heg-cp.com https://www.google.com https://*.twitter.com https://cdn.polyfill.io; style-src 'self' 'unsafe-inline' https://s3.amazonaws.com; 
default-src https://*.facebook.com https://*.optimizely.com 'self' https://*.doubleclick.net https://www.google-analytics.com; font-src 'self' https://optimizely.github.io; frame-src *.vimeocdn.com https://www.google.com https://*.facebook.com https://*.optimizely.com www.youtube.com https://*.fls.doubleclick.net 'self' https://*.facebook.net *.vimeo.com; img-src https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://*.multiscreensite.com 'self' https://www.google.de 'unsafe-inline' https://www.df.eu/ https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://*.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://*.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://static-artifact.heg-cp.com https://www.google.com https://*.twitter.com https://cdn.polyfill.io; style-src 'self' 'unsafe-inline' https://s3.amazonaws.com; 
default-src https://*.facebook.com https://*.optimizely.com 'self' https://*.doubleclick.net https://www.google-analytics.com; font-src 'self' https://optimizely.github.io; frame-src *.vimeocdn.com https://www.google.com https://*.facebook.com https://*.optimizely.com www.youtube.com https://*.fls.doubleclick.net 'self' https://*.facebook.net https://*.lpsnmedia.net *.vimeo.com; img-src https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://*.multiscreensite.com 'self' https://www.google.de 'unsafe-inline' https://www.df.eu/ https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://*.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://*.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://*.wsimg.com https://static-artifact.heg-cp.com https://www.google.com https://*.liveperson.net https://*.twitter.com https://*.lpsnmedia.net https://cdn.polyfill.io; style-src 'self' 'unsafe-inline' https://s3.amazonaws.com; 
default-src https://*.facebook.com https://*.optimizely.com 'self' https://*.doubleclick.net https://www.google-analytics.com; font-src 'self' https://optimizely.github.io; frame-src *.vimeocdn.com https://www.google.com https://*.facebook.com https://*.optimizely.com www.youtube.com https://*.fls.doubleclick.net 'self' https://*.facebook.net https://*.lpsnmedia.net *.vimeo.com; img-src https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://*.multiscreensite.com 'self' https://java.com https://www.google.de 'unsafe-inline' https://www.df.eu/ https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://*.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://*.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://*.wsimg.com https://static-artifact.heg-cp.com https://www.google.com https://java.com https://*.liveperson.net https://*.twitter.com https://*.lpsnmedia.net https://cdn.polyfill.io; style-src 'self' 'unsafe-inline' https://s3.amazonaws.com; 
default-src https://*.google.de https://*.optimizely.com https://*.facebook.com https://*.google.com 'self' https://*.doubleclick.net https://www.google-analytics.com; font-src 'self' https://optimizely.github.io; frame-src *.vimeocdn.com https://www.google.com https://*.facebook.com https://*.optimizely.com www.youtube.com https://*.fls.doubleclick.net 'self' https://*.facebook.net https://*.lpsnmedia.net *.vimeo.com; img-src https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://*.multiscreensite.com 'self' https://java.com https://www.google.de 'unsafe-inline' https://www.df.eu/ https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://*.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://*.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://*.wsimg.com https://static-artifact.heg-cp.com https://www.google.com https://java.com https://*.liveperson.net https://*.twitter.com https://*.lpsnmedia.net https://cdn.polyfill.io; style-src 'self' 'unsafe-inline' https://s3.amazonaws.com; 

#	Time Frame	Framing Control	TLS Enforce	Content Control	Third JS Parties	'unsafe-inline'	http / https / *	data:	Diffs	Normalized Policy
0	2018-08-30 - 2018-10-14	False	False	True	15	True	False	False	0	default-src 'self' https://www.google-analytics.com https://.optimizely.com; font-src* 'self'; frame-src .vimeocdn.com https://www.google.com https://.facebook.com https://.optimizely.com www.youtube.com https://.fls.doubleclick.net 'self' https://.facebook.net .vimeo.com; img-src https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://.multiscreensite.com 'self' https://www.google.de 'unsafe-inline' https://www.df.eu/ https://.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://www.google.com https://.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://connect.facebook.net ajax.googleapis.com https://www.googleadservices.com 'self' https://.ampproject.org https://static.ads-twitter.com 'unsafe-inline' 'unsafe-eval' https://.twitter.com https://bat.bing.com https://www.google-analytics.com https://www.dwin1.com https://static-artifact.heg-cp.com https://cdn.polyfill.io; style-src* 'self' 'unsafe-inline';
1	2018-10-15 - 2018-10-30	False	False	True	16	True	False	False	4	default-src 'self' https://.facebook.com https://www.google-analytics.com https://.optimizely.com; font-src 'self' https://optimizely.github.io; frame-src .vimeocdn.com https://www.google.com https://.facebook.com https://.optimizely.com www.youtube.com https://.fls.doubleclick.net 'self' https://.facebook.net .vimeo.com; img-src https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://.multiscreensite.com 'self' https://www.google.de 'unsafe-inline' https://www.df.eu/ https://.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://static-artifact.heg-cp.com https://www.google.com https://.twitter.com https://cdn.polyfill.io; style-src* 'self' 'unsafe-inline' https://s3.amazonaws.com;
2	2018-10-31 - 2018-11-12	False	False	True	16	True	False	False	1	default-src https://.facebook.com https://.optimizely.com 'self' https://.doubleclick.net https://www.google-analytics.com; font-src* 'self' https://optimizely.github.io; frame-src .vimeocdn.com https://www.google.com https://.facebook.com https://.optimizely.com www.youtube.com https://.fls.doubleclick.net 'self' https://.facebook.net .vimeo.com; img-src https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://.multiscreensite.com 'self' https://www.google.de 'unsafe-inline' https://www.df.eu/ https://.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://static-artifact.heg-cp.com https://www.google.com https://.twitter.com https://cdn.polyfill.io; style-src* 'self' 'unsafe-inline' https://s3.amazonaws.com;
3	2018-11-13 - 2018-11-21	False	False	True	19	True	False	False	4	default-src https://.facebook.com https://.optimizely.com 'self' https://.doubleclick.net https://www.google-analytics.com; font-src* 'self' https://optimizely.github.io; frame-src .vimeocdn.com https://www.google.com https://.facebook.com https://.optimizely.com www.youtube.com https://.fls.doubleclick.net 'self' https://.facebook.net https://.lpsnmedia.net .vimeo.com; img-src* https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://.multiscreensite.com 'self' https://www.google.de 'unsafe-inline' https://www.df.eu/ https://.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://.wsimg.com https://static-artifact.heg-cp.com https://www.google.com https://.liveperson.net https://.twitter.com https://.lpsnmedia.net https://cdn.polyfill.io; style-src 'self' 'unsafe-inline' https://s3.amazonaws.com;
4	2018-11-22 - 2018-12-18	False	False	True	20	True	False	False	2	default-src https://.facebook.com https://.optimizely.com 'self' https://.doubleclick.net https://www.google-analytics.com; font-src* 'self' https://optimizely.github.io; frame-src .vimeocdn.com https://www.google.com https://.facebook.com https://.optimizely.com www.youtube.com https://.fls.doubleclick.net 'self' https://.facebook.net https://.lpsnmedia.net .vimeo.com; img-src* https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://.multiscreensite.com 'self' https://java.com https://www.google.de 'unsafe-inline' https://www.df.eu/ https://.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://.wsimg.com https://static-artifact.heg-cp.com https://www.google.com https://java.com https://.liveperson.net https://.twitter.com https://.lpsnmedia.net https://cdn.polyfill.io; style-src 'self' 'unsafe-inline' https://s3.amazonaws.com;
5	2018-12-19 - END	False	False	True	20	True	False	False	2	default-src https://.google.de https://.optimizely.com https://.facebook.com https://.google.com 'self' https://.doubleclick.net https://www.google-analytics.com; font-src* 'self' https://optimizely.github.io; frame-src .vimeocdn.com https://www.google.com https://.facebook.com https://.optimizely.com www.youtube.com https://.fls.doubleclick.net 'self' https://.facebook.net https://.lpsnmedia.net .vimeo.com; img-src* https://i.ytimg.com data: https://www.google.com https://www.facebook.com https://.multiscreensite.com 'self' https://java.com https://www.google.de 'unsafe-inline' https://www.df.eu/ https://.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://t.co; object-src 'self'; script-src https://.optimizely.com https://tags.tiqcdn.com https://www.gstatic.com https://www.googleadservices.com 'self' https://static.ads-twitter.com 'unsafe-eval' https://www.google-analytics.com https://www.dwin1.com https://optimizely.s3.amazonaws.com ajax.googleapis.com https://.ampproject.org 'unsafe-inline' https://bat.bing.com https://connect.facebook.net https://.wsimg.com https://static-artifact.heg-cp.com https://www.google.com https://java.com https://.liveperson.net https://.twitter.com https://.lpsnmedia.net https://cdn.polyfill.io; style-src 'self' 'unsafe-inline' https://s3.amazonaws.com;