moemax.bg

Date: Thu, 04 Jun 2026 16:27:08 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; form-action www.epay.bg/ geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; frame-src ams.creativecdn.com/ td.doubleclick.net/ fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.google.com/ *.weltpixel.com 'self' 'unsafe-inline'; connect-src www.google-analytics.com googleads.g.doubleclick.net/ stats.g.doubleclick.net/ www.google.bg/ www.google.com/ pagead2.googlesyndication.com/ region1.google-analytics.com/ bat.bing.com/ stats.g.doubleclick.net/j/ ping.contactpigeon.com/bi/ ams.creativecdn.com/ q.clarity.ms/ p.clarity.ms/ www.sandbox.paypal.com www.paypalobjects.com www.paypal.com www.apptrian.com www.facebook.com *.ingest.sentry.io dpm.demdex.net www.google.com www.gstatic.com get.geojs.io maps.googleapis.com/ https://i.clarity.ms/collect https://analytics.tiktok.com/ https://a.clarity.ms/collect https://bat.bing.net/ https://analytics-ipv6.tiktokw.us/ http://www.googletagmanager.com http://www.google-analytics.com amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.googleapis.com facebook.com connect.facebook.net graph.facebook.com https://get.geojs.io *.avada.io *.alothemes.com *.magepow.com releva.ai localhost https://www.google-analytics.com 'self' 'unsafe-inline'; script-src connect.facebook.com connect.facebook.net facebook.com googleads.g.doubleclick.net www.google-analytics.com www.google.com/pagead/ www.google.bg/pagead/ www.facebook.com/tr/ maps.googleapis.com bat.bing.com/ www.apptrian.com www.facebook.com ping.contactpigeon.com/bi/js/ ajax.cloudflare.com/cdn-cgi/scripts/ tags.creativecdn.com/ static.cloudflareinsights.com/ www.clarity.ms https://analytics.tiktok.com/ assets.adobedtm.com *.adobe.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com graph.facebook.com *.avada.io *.alothemes.com *.magepow.com *.google.com/ releva.ai https://www.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src data: www.google.bg/pagead/ www.google.com/pagead/ www.facebook.com/tr/ maps.googleapis.com bat.bing.com/ www.google.com/ www.google.bg/ assets.unlayer.com/ www.google.bg/ads/ga-audiences www.google.com/ads/ga-audiences ping.contactpigeon.com/bi/ f.creativecdn.com/ googleads.g.doubleclick.net/ www.newpay.bg/ https://newpay.bg/build/images/logo-primary.31d6d9e6.png https://bat.bing.net/ assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https://www.magezon.com https://firebasestorage.googleapis.com *.alothemes.com *.magepow.com data: 'self' 'unsafe-inline'; font-src maxcdn.bootstrapcdn.com fonts.gstatic.com www.paypalobjects.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com *.fontawesome.com https://fonts.bunny.net *.alothemes.com *.magepow.com data: 'self' 'unsafe-inline'; style-src maxcdn.bootstrapcdn.com fonts.googleapis.com ping.contactpigeon.com/bi/ *.adobe.com assets.braintreegateway.com *.fontawesome.com https://fonts.bunny.net *.alothemes.com *.magepow.com releva.ai tagmanager.google.com 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-ssl-offloaded: 1
ssl-offloaded: 1
x-forwarded-port: 443
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Hy9KOISgjkqtUsGiaR%2F6FPZhDWbALKEq8grEOQlRqxEnlZtT0MH%2FQVY1vIPllh7yYuVJEWbOpz%2FjHgA3h2DXRuIlxg983XtvgODJQ9I7zIy23y1pQIdkvLS2CPaaiyW24kNPYrJYRg%3D%3D"}]}
pragma: no-cache
expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
Content-Encoding: br
Server: cloudflare
CF-RAY: a0684da2ede77641-FRA