Content-Security-Policy: default-src https: data: vine:;img-src 'self' data: https://vine.co https://vines.s3.amazonaws.com https://archive.vine.co https://*.twimg.com https://*.cdn.vine.co https://media.vineapp.com https://t.co https://analytics.twitter.com https://ssl.google-analytics.com https://stats.g.doubleclick.net https://twemoji.maxcdn.com https://twitter.github.io/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://vine.co https://*.twitter.com https://vines.s3.amazonaws.com https://archive.vine.co https://*.cdn.vine.co https://platform.vine.co https://stats.g.doubleclick.net https://ssl.google-analytics.com https://ajax.googleapis.com https://connect.facebook.net;style-src 'self' 'unsafe-inline' https://vine.co https://vines.s3.amazonaws.com https://archive.vine.co https://*.cdn.vine.co;media-src 'self' blob: https://vine.co https://vines.s3.amazonaws.com https://archive.vine.co https://*.twimg.com https://*.cdn.vine.co https://*.vncdn.co https://media.vineapp.com;object-src 'self' blob: https://vine.co https://vine.co https://vines.s3.amazonaws.com https://archive.vine.co https://*.twimg.com https://*.cdn.vine.co https://media.vineapp.com;connect-src 'self' https://vine.co https://vines.s3.amazonaws.com https://archive.vine.co https://*.twimg.com https://*.cdn.vine.co https://media.vineapp.com https://graph.facebook.com;font-src 'self' https://vine.co https://vines.s3.amazonaws.com https://archive.vine.co https://*.cdn.vine.co;report-uri https://twitter.com/i/csp_report?a=OZUW4ZI=&ro=false