diff --git a/config/seckit.settings.yml b/config/seckit.settings.yml
index 9630d85..7469497 100644
--- a/config/seckit.settings.yml
+++ b/config/seckit.settings.yml
@@ -8,12 +8,12 @@ seckit_xss:
 webkit: false
 report-only: false
 default-src: "'self'"
- script-src: "'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com https://*.google.com https://*.googletagmanager.com *.google-analytics.com"
+ script-src: "'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com https://*.google.com https://*.googletagmanager.com *.google-analytics.com https://tagmanager.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net"
 object-src: "'none'"
- style-src: "'self' 'unsafe-inline' fonts.googleapis.com"
- img-src: "'self' data: https://*.google-analytics.com https://*.googletagmanager.com gstatic.com *.placeholder.com"
+ style-src: "'self' 'unsafe-inline' https://googletagmanager.com https://tagmanager.google.com fonts.googleapis.com"
+ img-src: "'self' data: https://*.google-analytics.com https://*.googletagmanager.com gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://google.com"
 media-src: "'none'"
- frame-src: "'self'"
+ frame-src: "'self' https://www.googletagmanager.com https://bid.g.doubleclick.net https://td.doubleclick.net"
 frame-ancestors: "'self'"
 child-src: "'self'"
 font-src: "'self' data: fonts.gstatic.com"
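Review bot: The new style-src value adds `https://googletagmanager.com`, which as a CSP host-source matches only that exact apex host, while the script-src and frame-src lines in the same hunk use `https://*.googletagmanager.com` and `https://www.googletagmanager.com` for the same domain — if the stylesheet this entry is meant to permit is served from the `www` host, it will still be blocked. If the intent matches the other directives, change the line to `style-src: "'self' 'unsafe-inline' https://www.googletagmanager.com https://tagmanager.google.com fonts.googleapis.com"` (or use the `*.` wildcard form already present in script-src). Separately, `'unsafe-inline'` remains in both script-src and style-src, so the added host entries give little enforcement on their own; a follow-up moving to nonce- or hash-based sources would make the allowlist meaningful. The hunk also mixes scheme-less hosts (`fonts.googleapis.com`, `www.gstatic.com`, `gstatic.com`, `*.google-analytics.com`) with `https://`-prefixed ones; prefixing all with `https://` would be consistent and avoids matching plain-http loads on non-TLS pages.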