Content-Security-Policy | default-src 'self'; style-src 'unsafe-inline' data: *; font-src 'self' data: *.googleapis.com *.typekit.net *.gstatic.com; img-src 'self' data: about: *.typekit.net *.google-analytics.com *.doubleclick.net *.betrad.com *.amazonaws.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.betrad.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.google.com *.btstatic.com *.cellfire.com cellfire.com *.typekit.net *.fontdeck.com *.thebrighttag.com *.youtube.com *.ytimg.com; frame-src 'self' *; media-src 'self' *.youtube.com *.youtu.be |