Currently this isn’t possible. The biggest reason is security. Their embed code uses a script, and arbitrary script code is not something we will allow until we find a way to properly sandbox it. We’ve been researching ways to allow custom scripts, isolated in their own iframe sandbox, but I don’t have a timeline for when something like that might be available.
The workaround for now is to host a static site somewhere (S3 is a very cheap option) that includes this embed code. You can then using the External Website block to display that URL.
The request is being blocked by the browser because the dashboard is secure (https) and that URL is unsecure (http). Mixed content types have the potential to open security vulnerabilities, so most browsers block them. More details here: https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content
You’ll have to add SSL support to your embedded site in order to embed it into a dashboard.