CSP Data for: halkbank.com.tr

#	Time Frame	Framing Control	TLS Enforce	Content Control	Third JS Parties	'unsafe-inline'	http / https / *	data:	Diffs	Normalized Policy
0	2018-02-24 - 2018-05-23	False	False	True	7	True	False	False	0	connect-src 'self'; default-src 'self'; font-src 'self' .gstatic.com .googleapis.com; frame-src .youtube.com .halkbank.com.tr 'self' .foreks.com .doubleclick.net .google.com; img-src* .gstatic.com data: .facebook.com .googleapis.com .halkbank.com.tr .facebook.net 'self' .doubleclick.net .facebook.com.tr .google.com.tr .google.com .google-analytics.com; media-src 'self'; object-src 'self'; script-src .gstatic.com .googletagmanager.com .googleadservices.com .googleapis.com .halkbank.com.tr 'self' .doubleclick.net 'unsafe-eval' 'unsafe-inline' .google.com .google-analytics.com; style-src 'self' *.googleapis.com 'unsafe-inline';
1	2018-05-24 - 2018-08-14	False	False	True	7	True	False	False	2	connect-src 'self'; font-src 'self' .gstatic.com .googleapis.com; frame-src .youtube.com .halkbank.com.tr 'self' .foreks.com .doubleclick.net .google.com; img-src* .gstatic.com data: .facebook.com .googleapis.com .halkbank.com.tr .facebook.net 'self' .doubleclick.net .facebook.com.tr .google.com.tr .google.com .google-analytics.com; object-src 'self'; script-src .gstatic.com .googletagmanager.com .googleadservices.com .googleapis.com .halkbank.com.tr 'self' .doubleclick.net 'unsafe-eval' 'unsafe-inline' .google.com .google-analytics.com; style-src 'self' *.googleapis.com 'unsafe-inline';
2	2018-08-15 - END	False	False	True	7	True	False	False	3	connect-src 'self'; default-src 'self'; font-src 'self' .gstatic.com .googleapis.com; frame-src .youtube.com .halkbank.com.tr 'self' .foreks.com .doubleclick.net .google.com; img-src* .gstatic.com data: .facebook.com .googleapis.com .halkbank.com.tr .facebook.net 'self' .doubleclick.net .facebook.com.tr .google.com.tr .google.com .google-analytics.com; media-src 'self' .halkbank.com.tr; object-src* 'self'; script-src .gstatic.com .googletagmanager.com .googleadservices.com .googleapis.com .halkbank.com.tr 'self' .doubleclick.net 'unsafe-eval' 'unsafe-inline' .google.com .google-analytics.com; style-src 'self' *.googleapis.com 'unsafe-inline';

Time Frame

Framing Control

TLS Enforce

Content Control

Third JS Parties

'unsafe-inline'

http / https / *

data:

Diffs

Normalized Policy

2018-02-24 - 2018-05-23

False

False

True

True

False

False

connect-src 'self'; default-src 'self'; font-src 'self' *.gstatic.com *.googleapis.com; frame-src *.youtube.com *.halkbank.com.tr 'self' *.foreks.com *.doubleclick.net *.google.com; img-src *.gstatic.com data: *.facebook.com *.googleapis.com *.halkbank.com.tr *.facebook.net 'self' *.doubleclick.net *.facebook.com.tr *.google.com.tr *.google.com *.google-analytics.com; media-src 'self'; object-src 'self'; script-src *.gstatic.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.halkbank.com.tr 'self' *.doubleclick.net 'unsafe-eval' 'unsafe-inline' *.google.com *.google-analytics.com; style-src 'self' *.googleapis.com 'unsafe-inline';

2018-05-24 - 2018-08-14

False

False

True

True

False

False

connect-src 'self'; font-src 'self' *.gstatic.com *.googleapis.com; frame-src *.youtube.com *.halkbank.com.tr 'self' *.foreks.com *.doubleclick.net *.google.com; img-src *.gstatic.com data: *.facebook.com *.googleapis.com *.halkbank.com.tr *.facebook.net 'self' *.doubleclick.net *.facebook.com.tr *.google.com.tr *.google.com *.google-analytics.com; object-src 'self'; script-src *.gstatic.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.halkbank.com.tr 'self' *.doubleclick.net 'unsafe-eval' 'unsafe-inline' *.google.com *.google-analytics.com; style-src 'self' *.googleapis.com 'unsafe-inline';

2018-08-15 - END

False

False

True

True

False

False

connect-src 'self'; default-src 'self'; font-src 'self' *.gstatic.com *.googleapis.com; frame-src *.youtube.com *.halkbank.com.tr 'self' *.foreks.com *.doubleclick.net *.google.com; img-src *.gstatic.com data: *.facebook.com *.googleapis.com *.halkbank.com.tr *.facebook.net 'self' *.doubleclick.net *.facebook.com.tr *.google.com.tr *.google.com *.google-analytics.com; media-src 'self' *.halkbank.com.tr; object-src 'self'; script-src *.gstatic.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.halkbank.com.tr 'self' *.doubleclick.net 'unsafe-eval' 'unsafe-inline' *.google.com *.google-analytics.com; style-src 'self' *.googleapis.com 'unsafe-inline';