Open
Cached
·
just now
14
directives
Content-Security-Policy
Content-Security-Policy: base-uri account.parkable.com; default-src 'self'; script-src 'unsafe-eval'; script-src-elem 'self' https://maps.googleapis.com https://apis.google.com 'sha256-8r6Q7++BBXzrASaH0kzsVQntPzCNiRiG7t/6L4PO6rE=' 'sha256-ada398xrsbcxJMnCCuVzQl1c3z8CbON5B2IPxbROpDg=' 'sha256-wpF3zbziotDWrQsLFM7oN+Lfqw6X4LXIks0bVmdN2I8=' 'sha256-jjJYMWEMAKh52VqmhXk3nvKIGEaCfUFtkTu2NfJbies=' https://www.googletagmanager.com https://*.stripe.com https://cdn.unitmap.com https://vercel.live https://static.hotjar.com https://script.hotjar.com wss://*.pusherapp.com https://*.pendo.io pendo-io-static.storage.googleapis.com pendo-static-6093467289190400.storage.googleapis.com https://cloud.google.com https://www.gstatic.com https://www.google.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; connect-src 'self' *.pusher.com ws-ap4.pusher.com https://www.google-analytics.com https://api.parkable.com *.googleapis.com api.stripe.com api.unitmap.com cdn.sightmap.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com wss://*.pusherapp.com https://*.pendo.io pendo-io-static.storage.googleapis.com pendo-static-6093467289190400.storage.googleapis.com https://api-dev.parkable.com https://www.google.com https://cloud.google.com wss://ws-ap1.pusher.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io wss://*.intercom-messenger.com https://*.intercom-messenger.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com static.hotjar.com script.hotjar.com https://*.pendo.io pendo-io-static.storage.googleapis.com pendo-static-6093467289190400.storage.googleapis.com; img-src 'self' vercel.app data: blob: *.googleapis.com maps.google.com www.google-analytics.com maps.gstatic.com www.gstatic.com *.ggpht.com lh3.googleusercontent.com https://static.hotjar.com https://script.hotjar.com wss://*.pusherapp.com https://*.pendo.io pendo-io-static.storage.googleapis.com pendo-static-6093467289190400.storage.googleapis.com https://gstatic.com; font-src 'self' data: fonts.gstatic.com script.hotjar.com https://*.pendo.io https://js.intercomcdn.com https://fonts.intercomcdn.com; object-src 'none'; form-action 'none'; frame-src maps.googleapis.com js.stripe.com datastudio.google.com lookerstudio.google.com parkable-app.firebaseapp.com https://www.google.com https://*.pendo.io https://support-tools.parkable.com; worker-src blob:; frame-ancestors 'none'; upgrade-insecure-requests
default-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-eval'
script-src-elem
Keyword
—
'self'
script-src-elem
Hash
—
'sha256-8r6Q7++BBXzrASaH0kzsVQntPzCNiRiG7t/6L4PO6rE='
script-src-elem
Hash
—
'sha256-ada398xrsbcxJMnCCuVzQl1c3z8CbON5B2IPxbROpDg='
script-src-elem
Hash
—
'sha256-wpF3zbziotDWrQsLFM7oN+Lfqw6X4LXIks0bVmdN2I8='
script-src-elem
Hash
—
'sha256-jjJYMWEMAKh52VqmhXk3nvKIGEaCfUFtkTu2NfJbies='
connect-src
Keyword
—
'self'
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
img-src
Keyword
—
'self'
img-src
Scheme
—
data:
img-src
Scheme
—
blob:
img-src
Host
—
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
object-src
Keyword
—
'none'
form-action
Keyword
—
'none'
worker-src
Scheme
—
blob:
frame-ancestors
Keyword
—
'none'
upgrade-insecure-requests
Source
—
(no sources)
Content-Security-Policy-Report-Only
No report-only CSP headers found.