diff --git a/acrobat/scripts/contentSecurityPolicy/dev.js b/acrobat/scripts/contentSecurityPolicy/dev.js
index e87d2a8b..ab41d860 100644
--- a/acrobat/scripts/contentSecurityPolicy/dev.js
+++ b/acrobat/scripts/contentSecurityPolicy/dev.js
@@ -54,6 +54,26 @@ const connectSrc = [
   '*.hlx.page',
   '*.hlx.live',
   'cdn.linkedin.oribi.io',
+  '345-tti-184.mktoutil.com',
+  'adservice.google.com',
+  'rum.hlx.page',
+  'us-central1-adaptive-growth.cloudfunctions.net',
+  '360-kci-804.mktoresp.com',
+  'analytics.google.com',
+  'api.ultimateadb.com',
+  'c.clicktale.net',
+  'cdnmd.global-cache.online',
+  'ip.x2convert.com',
+  'pagead2.googlesyndication.com',
+  'pdfnow.adobe.io',
+  'searchaggr-dra.dt.dbankcloud.com',
+  'tl.ytlogs.ru',
+  'tr.snapchat.com',
+  'translate.googleapis.com',
+  'trial-eum-clientnsv4-s.akamaihd.net',
+  'trial-eum-clienttons-s.akamaihd.net',
+  'www.google.com',
+  'tm.filter:1506',
   ';',
 ];
 
@@ -66,6 +86,16 @@ const defaultSrc = [
 const fontSrc = [
   '\'self\'',
   'use.typekit.net',
+  'fonts.gstatic.com',
+  'appdown.pstatic.net',
+  'assets.merci-app.com',
+  'at.alicdn.com',
+  'cdn.jsdelivr.net',
+  'fast.fonts.net',
+  'fc652372aa05f6ec093286fe86f2057df39e68f7-m.eu-proxy.startpage.com',
+  'fonts.bunny.net',
+  'static.zohocdn.com',
+  'svcs.tql.com',
   ';',
 ];
 
@@ -99,6 +129,32 @@ const frameSrc = [
   'www.facebook.com',
   'www.youtube.com',
   's.company-target.com',
+  'notify.bluecoat.com',
+  'block.opendns.com',
+  'bpb.opendns.com',
+  'cn-1793901926-23-7vnsr30362.ibosscloud.com',
+  'cookieaquila.com',
+  'gateway.bogd.local',
+  'gateway.zscalerthree.net',
+  'gateway.zscalertwo.net',
+  'gateway.zscloud.net',
+  'it.sanmina.com',
+  'lordanavid.com',
+  'makeviraltrends.com',
+  'mozbar.moz.com',
+  'panpac.pfizer.com',
+  'pixel.everesttech.net',
+  'pwm-image.trendmicro.jp',
+  'redirect.isolation.zscaler.com',
+  'safe.menlosecurity.com',
+  'siteblocked.nauka.gov.pl',
+  'td.doubleclick.net',
+  'tr.snapchat.com',
+  'trendlavida.com',
+  'videogamewatch1.com',
+  'web.mpsp.mp.br',
+  'www.searchfor.org',
+  'zswpmanager.wip.mmc.com',
   ';',
 ];
 
@@ -145,6 +201,50 @@ const imgSrc = [
   'fast-track--milo--adobecom.hlx.live',
   '*.hlx.page',
   '*.hlx.live',
+  'analytics.tiktok.com',
+  'l.clicktale.net',
+  'mir-s3-cdn-cf.behance.net',
+  'www.google.ca',
+  'www.google.ci',
+  'www.google.co.id',
+  'www.google.co.il',
+  'www.google.co.kr',
+  'www.google.co.th',
+  'www.google.co.uk',
+  'www.google.co.za',
+  'www.google.com',
+  'www.google.com.ar',
+  'www.google.com.gh',
+  'www.google.com.hk',
+  'www.google.com.kw',
+  'www.google.com.mx',
+  'www.google.com.my',
+  'www.google.com.ng',
+  'www.google.com.ph',
+  'www.google.com.pr',
+  'www.google.com.sa',
+  'www.google.com.tr',
+  'www.google.com.tw',
+  'www.google.com.vn',
+  'www.google.cz',
+  'www.google.de',
+  'www.google.dk',
+  'www.google.fr',
+  'www.google.it',
+  'www.google.nl',
+  'www.google.pl',
+  'www.google.pt',
+  'www.google.se',
+  'cdn.css-tricks.com',
+  'a5.behance.net',
+  'ad.doubleclick.net',
+  'adservice.google.com',
+  'alb.reddit.com',
+  'analytics.twitter.com',
+  'c.clicktale.net',
+  'cdn.honey.io',
+  'fonts.gstatic.com',
+  'googleads.g.doubleclick.net',
   ';',
 ];
 
diff --git a/acrobat/scripts/contentSecurityPolicy/prod.js b/acrobat/scripts/contentSecurityPolicy/prod.js
index 1de68588..f3a88988 100644
--- a/acrobat/scripts/contentSecurityPolicy/prod.js
+++ b/acrobat/scripts/contentSecurityPolicy/prod.js
@@ -45,6 +45,25 @@ const connectSrc = [
   '*.typekit.net/',
   'trial-eum-clienttons-s.akamaihd.net/',
   '*.akstat.io/',
+  '345-tti-184.mktoutil.com',
+  'adservice.google.com',
+  'rum.hlx.page',
+  'us-central1-adaptive-growth.cloudfunctions.net',
+  '360-kci-804.mktoresp.com',
+  'analytics.google.com',
+  'api.ultimateadb.com',
+  'c.clicktale.net',
+  'cdnmd.global-cache.online',
+  'ip.x2convert.com',
+  'pagead2.googlesyndication.com',
+  'searchaggr-dra.dt.dbankcloud.com',
+  'tl.ytlogs.ru',
+  'tr.snapchat.com',
+  'translate.googleapis.com',
+  'trial-eum-clientnsv4-s.akamaihd.net',
+  'trial-eum-clienttons-s.akamaihd.net',
+  'www.google.com',
+  'tm.filter:1506',
   ';',
 ];
 
@@ -60,6 +79,16 @@ const defaultSrc = [
 const fontSrc = [
   '\'self\'',
   'use.typekit.net',
+  'fonts.gstatic.com',
+  'appdown.pstatic.net',
+  'assets.merci-app.com',
+  'at.alicdn.com',
+  'cdn.jsdelivr.net',
+  'fast.fonts.net',
+  'fc652372aa05f6ec093286fe86f2057df39e68f7-m.eu-proxy.startpage.com',
+  'fonts.bunny.net',
+  'static.zohocdn.com',
+  'svcs.tql.com',
   ';',
 ];
 
@@ -85,7 +114,6 @@ const frameSrc = [
   'bid.g.doubleclick.net',
   'dc-api.adobecontent.io',
   'documentcloud.adobe.com',
-  'acrobat.adobe.com',
   'servedby.flashtalking.com',
   'tr.snapchat.com/',
   'tr6.snapchat.com/',
@@ -95,6 +123,32 @@ const frameSrc = [
   'www.facebook.com',
   'www.youtube.com',
   's.company-target.com',
+  'notify.bluecoat.com',
+  'block.opendns.com',
+  'bpb.opendns.com',
+  'cn-1793901926-23-7vnsr30362.ibosscloud.com',
+  'cookieaquila.com',
+  'gateway.bogd.local',
+  'gateway.zscalerthree.net',
+  'gateway.zscalertwo.net',
+  'gateway.zscloud.net',
+  'it.sanmina.com',
+  'lordanavid.com',
+  'makeviraltrends.com',
+  'mozbar.moz.com',
+  'panpac.pfizer.com',
+  'pixel.everesttech.net',
+  'pwm-image.trendmicro.jp',
+  'redirect.isolation.zscaler.com',
+  'safe.menlosecurity.com',
+  'siteblocked.nauka.gov.pl',
+  'td.doubleclick.net',
+  'tr.snapchat.com',
+  'trendlavida.com',
+  'videogamewatch1.com',
+  'web.mpsp.mp.br',
+  'www.searchfor.org',
+  'zswpmanager.wip.mmc.com',
   ';',
 ];
 
@@ -143,6 +197,49 @@ const imgSrc = [
   'milo.adobe.com',
   'p.typekit.net',
   's.tgm.yahoo-net.jp',
+  'analytics.tiktok.com',
+  'l.clicktale.net',
+  'mir-s3-cdn-cf.behance.net',
+  'www.google.ca',
+  'www.google.ci',
+  'www.google.co.id',
+  'www.google.co.il',
+  'www.google.co.kr',
+  'www.google.co.th',
+  'www.google.co.uk',
+  'www.google.co.za',
+  'www.google.com',
+  'www.google.com.ar',
+  'www.google.com.gh',
+  'www.google.com.hk',
+  'www.google.com.kw',
+  'www.google.com.mx',
+  'www.google.com.my',
+  'www.google.com.ng',
+  'www.google.com.ph',
+  'www.google.com.pr',
+  'www.google.com.sa',
+  'www.google.com.tr',
+  'www.google.com.tw',
+  'www.google.com.vn',
+  'www.google.cz',
+  'www.google.de',
+  'www.google.dk',
+  'www.google.fr',
+  'www.google.it',
+  'www.google.nl',
+  'www.google.pl',
+  'www.google.pt',
+  'www.google.se',
+  'cdn.css-tricks.com',
+  'ad.doubleclick.net',
+  'adservice.google.com',
+  'alb.reddit.com',
+  'analytics.twitter.com',
+  'c.clicktale.net',
+  'cdn.honey.io',
+  'fonts.gstatic.com',
+  'googleads.g.doubleclick.net',
   's.yimg.jp',
   'yjtag.yahoo.co.jp',
   ';',
diff --git a/acrobat/scripts/contentSecurityPolicy/stage.js b/acrobat/scripts/contentSecurityPolicy/stage.js
index f6ce24ae..458df2c9 100644
--- a/acrobat/scripts/contentSecurityPolicy/stage.js
+++ b/acrobat/scripts/contentSecurityPolicy/stage.js
@@ -52,6 +52,26 @@ const connectSrc = [
   '*.hlx.live',
   'cdn.linkedin.oribi.io',
   '*.akstat.io/',
+  '345-tti-184.mktoutil.com',
+  'adservice.google.com',
+  'rum.hlx.page',
+  'us-central1-adaptive-growth.cloudfunctions.net',
+  '360-kci-804.mktoresp.com',
+  'analytics.google.com',
+  'api.ultimateadb.com',
+  'c.clicktale.net',
+  'cdnmd.global-cache.online',
+  'ip.x2convert.com',
+  'pagead2.googlesyndication.com',
+  'pdfnow.adobe.io',
+  'searchaggr-dra.dt.dbankcloud.com',
+  'tl.ytlogs.ru',
+  'tr.snapchat.com',
+  'translate.googleapis.com',
+  'trial-eum-clientnsv4-s.akamaihd.net',
+  'trial-eum-clienttons-s.akamaihd.net',
+  'www.google.com',
+  'tm.filter:1506',
   ';',
 ];
 
@@ -66,6 +86,16 @@ const defaultSrc = [
 const fontSrc = [
   '\'self\'',
   'use.typekit.net',
+  'fonts.gstatic.com',
+  'appdown.pstatic.net',
+  'assets.merci-app.com',
+  'at.alicdn.com',
+  'cdn.jsdelivr.net',
+  'fast.fonts.net',
+  'fc652372aa05f6ec093286fe86f2057df39e68f7-m.eu-proxy.startpage.com',
+  'fonts.bunny.net',
+  'static.zohocdn.com',
+  'svcs.tql.com',
   ';',
 ];
 
@@ -102,6 +132,32 @@ const frameSrc = [
   'www.facebook.com',
   'www.youtube.com',
   's.company-target.com',
+  'notify.bluecoat.com',
+  'block.opendns.com',
+  'bpb.opendns.com',
+  'cn-1793901926-23-7vnsr30362.ibosscloud.com',
+  'cookieaquila.com',
+  'gateway.bogd.local',
+  'gateway.zscalerthree.net',
+  'gateway.zscalertwo.net',
+  'gateway.zscloud.net',
+  'it.sanmina.com',
+  'lordanavid.com',
+  'makeviraltrends.com',
+  'mozbar.moz.com',
+  'panpac.pfizer.com',
+  'pixel.everesttech.net',
+  'pwm-image.trendmicro.jp',
+  'redirect.isolation.zscaler.com',
+  'safe.menlosecurity.com',
+  'siteblocked.nauka.gov.pl',
+  'td.doubleclick.net',
+  'tr.snapchat.com',
+  'trendlavida.com',
+  'videogamewatch1.com',
+  'web.mpsp.mp.br',
+  'www.searchfor.org',
+  'zswpmanager.wip.mmc.com',
   ';',
 ];
 
@@ -150,6 +206,48 @@ const imgSrc = [
   'http://localhost:6456/',
   '*.hlx.page',
   '*.hlx.live',
+  'analytics.tiktok.com',
+  'l.clicktale.net',
+  'mir-s3-cdn-cf.behance.net',
+  'www.google.ca',
+  'www.google.ci',
+  'www.google.co.id',
+  'www.google.co.il',
+  'www.google.co.kr',
+  'www.google.co.th',
+  'www.google.co.uk',
+  'www.google.co.za',
+  'www.google.com',
+  'www.google.com.ar',
+  'www.google.com.gh',
+  'www.google.com.hk',
+  'www.google.com.kw',
+  'www.google.com.mx',
+  'www.google.com.my',
+  'www.google.com.ng',
+  'www.google.com.ph',
+  'www.google.com.pr',
+  'www.google.com.sa',
+  'www.google.com.tr',
+  'www.google.com.tw',
+  'www.google.com.vn',
+  'www.google.cz',
+  'www.google.de',
+  'www.google.dk',
+  'www.google.fr',
+  'www.google.it',
+  'www.google.nl',
+  'www.google.pl',
+  'www.google.pt',
+  'www.google.se',
+  'cdn.css-tricks.com',
+  'ad.doubleclick.net',
+  'adservice.google.com',
+  'alb.reddit.com',
+  'analytics.twitter.com',
+  'cdn.honey.io',
+  'fonts.gstatic.com',
+  'googleads.g.doubleclick.net',
   's.yimg.jp',
   'yjtag.yahoo.co.jp',
   ';',