Content-Security-Policy | default-src 'self' data:; connect-src 'self' https://performance.typekit.net; script-src 'self' data: 'unsafe-eval' 'unsafe-inline' about: cdn.jsdelivr.net code.jquery.com https://cdn.polyfill.io use.typekit.net http://code.jquery.com/jquery-2.2.4.min.js pullzone1-corydowdywebdesi.netdna-ssl.com vimeo.com vimeo.com/api/ https://caniuse.bitsofco.de/embed/ https://platform.twitter.com https://cdn.syndication.twimg.com; style-src 'self' pullzone1-corydowdywebdesi.netdna-ssl.com 'unsafe-inline' use.typekit.net platform.twitter.com maxcdn.bootstrapcdn.com; img-src 'self' data: pullzone1-corydowdywebdesi.netdna-ssl.com p.typekit.net img.youtube.com vimeo.com i.vimeocdn.com syndication.twitter.com pbs.twimg.com https://platform.twitter.com; media-src 'self' pullzone1-corydowdywebdesi.netdna-ssl.com; frame-src 'self' maps.google.com *.google.com www.youtube.com *.vimeo.com https://caniuse.bitsofco.de/embed/; font-src 'self' data: https://fonts.typekit.net use.typekit.net maxcdn.bootstrapcdn.com |