urlscan.io logo urlscan.io
SecurityTrails logo

www.maza.bg Open in urlscan Pro
54.216.252.255  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.maza.bg/
Submission Tags: falconsandbox
Submission: On October 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 54.216.252.255, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.maza.bg.
TLS certificate: Issued by R11 on August 14th 2024. Valid for: 3 months.
This is the only time www.maza.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 54.216.252.255 16509 (AMAZON-02)
3 52.92.33.137 16509 (AMAZON-02)
8 2
Apex Domain
Subdomains		 Transfer
5 maza.bg
www.maza.bg
455 KB
3 amazonaws.com
storeganise.s3.amazonaws.com
249 KB
8 2
Domain Requested by
5 www.maza.bg www.maza.bg
3 storeganise.s3.amazonaws.com www.maza.bg
8 2

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.tiktok.com
www.instagram.com
storeganise.com
Subject Issuer Validity Valid
www.maza.bg
R11		 2024-08-14 -
2024-11-12		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.maza.bg/
Frame ID: 37876D495DF2F2A693DD445E21522364
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Maza Bg

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

704 kB
Transfer

936 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.maza.bg/ 		11 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.maza.bg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.216.252.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-252-255.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
a1a7686316142a90d8d948183380020b8be7bc7e71ec5f0af816b2f17aad3737
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'nonce-AZ3eRiwyvEz7' 'strict-dynamic' 'self' 'unsafe-inline' https://*.braintreegateway.com https://*.mul-pay.jp https://connect.facebook.net https://cdn.segment.com https://cdnjs.cloudflare.com https://*.googletagmanager.com https://*.googleadservices.com https://*.g.doubleclick.net https://*.google.com; connect-src 'self' https://api-v3.wurd.io https://api.wurd.io https://maps.googleapis.com https://www.google-analytics.com https://cdn.segment.com https://api.segment.io https://accounts.google.com/gsi/log *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.googleadservices.com *.google.com https://*.facebook.com; style-src 'self' 'nonce-lHteTX8qwcSo' https://accounts.google.com/gsi/style https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https: blob: data: *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com; object-src 'none'; base-uri 'none'; form-action 'self' https://checkout.stripe.com https://*.cybersource.com/pay https://www.facebook.com https://storeganise.com/signin/; frame-ancestors 'none'; frame-src blob: https://assets.braintreegateway.com https://accounts.google.com https://www.facebook.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; block-all-mixed-content; report-uri
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'none'; script-src 'nonce-AZ3eRiwyvEz7' 'strict-dynamic' 'self' 'unsafe-inline' https://*.braintreegateway.com https://*.mul-pay.jp https://connect.facebook.net https://cdn.segment.com https://cdnjs.cloudflare.com https://*.googletagmanager.com https://*.googleadservices.com https://*.g.doubleclick.net https://*.google.com; connect-src 'self' https://api-v3.wurd.io https://api.wurd.io https://maps.googleapis.com https://www.google-analytics.com https://cdn.segment.com https://api.segment.io https://accounts.google.com/gsi/log *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.googleadservices.com *.google.com https://*.facebook.com; style-src 'self' 'nonce-lHteTX8qwcSo' https://accounts.google.com/gsi/style https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https: blob: data: *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com; object-src 'none'; base-uri 'none'; form-action 'self' https://checkout.stripe.com https://*.cybersource.com/pay https://www.facebook.com https://storeganise.com/signin/; frame-ancestors 'none'; frame-src blob: https://assets.braintreegateway.com https://accounts.google.com https://www.facebook.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; block-all-mixed-content; report-uri
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Oct 2024 08:10:07 GMT
Etag
W/"2d11-P9GvBcLYduErFm3+doUw2TLQW18"
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Permissions-Policy
geolocation=(self)
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D
Server
Cowboy
Strict-Transport-Security
max-age=7776000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
X-Content-Type-Options
nosniff
main.a223de13.css
www.maza.bg/static/userapp/static/css/ 		278 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.maza.bg/static/userapp/static/css/main.a223de13.css
Requested by
Host: www.maza.bg
URL: https://www.maza.bg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.216.252.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-252-255.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
2823cbcfe24cbcb1f66de2e445256867895bf8df8df44c20d6c202b7b35f2492

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.maza.bg/

Response headers

Transfer-Encoding
chunked
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Cache-Control
public, max-age=0
Content-Encoding
gzip
Etag
W/"4574d-191e70f3ff0"
Connection
keep-alive
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D"}]}
Via
1.1 vegur
Accept-Ranges
bytes
Date
Tue, 01 Oct 2024 08:10:07 GMT
Last-Modified
Thu, 12 Sep 2024 16:27:02 GMT
Content-Type
text/css; charset=UTF-8
Server
Cowboy
Vary
Accept-Encoding
66bc66ed-logo+maza1.png
storeganise.s3.amazonaws.com/66bbaa3fe75ccc0002808382/uploads/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storeganise.s3.amazonaws.com/66bbaa3fe75ccc0002808382/uploads/66bc66ed-logo+maza1.png
Requested by
Host: www.maza.bg
URL: https://www.maza.bg/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.92.33.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3761f3214dcb577ed7c2de4e73a762a933d39673ff77f37a8f55824d06e809ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.maza.bg/

Response headers

x-amz-id-2
CQXNHBIjQ4cbOTKdAEgL4OjE7mqij1LtlRZKwfkJwE5AKBGlAV0GsY61d4PlFt0Zoga6biBpxYk=
Cache-Control
max-age=604800
ETag
"96779b065063daa91e3da1d43ebdcfbc"
x-amz-request-id
52DSXVEP5SXHTEXD
Accept-Ranges
bytes
Content-Length
68660
Date
Tue, 01 Oct 2024 08:10:08 GMT
Last-Modified
Wed, 14 Aug 2024 08:12:30 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
66c9ace4-clearhome-move-help-1-1200x823.jpg
storeganise.s3.amazonaws.com/66bbaa3fe75ccc0002808382/uploads/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storeganise.s3.amazonaws.com/66bbaa3fe75ccc0002808382/uploads/66c9ace4-clearhome-move-help-1-1200x823.jpg
Requested by
Host: www.maza.bg
URL: https://www.maza.bg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.33.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3a5aac854c59e50918ad7be7760b1bdaec3e5fc3664e96921f2a139aa0a61fbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.maza.bg/

Response headers

x-amz-id-2
R5yiVfxEN49sigfRmmZbvtpUD0GlJ45c0A03CehIJ0xAC4Zo6HirqQmsNfARrXYjsvn5jgCkZCA=
Cache-Control
max-age=604800
ETag
"01932e8d5ed01d79b87718b4a5a2b57e"
x-amz-request-id
52DT4VNJHCE48X7R
Accept-Ranges
bytes
Content-Length
116255
Date
Tue, 01 Oct 2024 08:10:08 GMT
Last-Modified
Sat, 24 Aug 2024 09:50:29 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
inter-latin-variable-full-normal.662312a083b9f48417ca.woff2
www.maza.bg/static/userapp/static/media/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.maza.bg/static/userapp/static/media/inter-latin-variable-full-normal.662312a083b9f48417ca.woff2
Requested by
Host: www.maza.bg
URL: https://www.maza.bg/static/userapp/static/css/main.a223de13.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.216.252.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-252-255.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
750a469d97a45e7b315b7a44a4ee41e615aca938544cf7199b681785a993a8ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.maza.bg
Referer
https://www.maza.bg/static/userapp/static/css/main.a223de13.css

Response headers

Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Cache-Control
public, max-age=0
Etag
W/"d840-191e70f43d8"
Connection
keep-alive
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D"}]}
Via
1.1 vegur
Accept-Ranges
bytes
Content-Length
55360
Date
Tue, 01 Oct 2024 08:10:07 GMT
Last-Modified
Thu, 12 Sep 2024 16:27:03 GMT
Content-Type
font/woff2
Server
Cowboy
fa-light-300.d3271a5651ab5ba62d85.woff2
www.maza.bg/static/userapp/static/media/ 		180 KB
181 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.maza.bg/static/userapp/static/media/fa-light-300.d3271a5651ab5ba62d85.woff2
Requested by
Host: www.maza.bg
URL: https://www.maza.bg/static/userapp/static/css/main.a223de13.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.216.252.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-252-255.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
1ddc6ae069ea7aedb68a92d53a12933a5a326f28c714869b99f335377dcce217

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.maza.bg
Referer
https://www.maza.bg/static/userapp/static/css/main.a223de13.css

Response headers

Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Cache-Control
public, max-age=0
Etag
W/"2cf8c-191e70f43d8"
Connection
keep-alive
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D"}]}
Via
1.1 vegur
Accept-Ranges
bytes
Content-Length
184204
Date
Tue, 01 Oct 2024 08:10:07 GMT
Last-Modified
Thu, 12 Sep 2024 16:27:03 GMT
Content-Type
font/woff2
Server
Cowboy
fa-regular-400.33904a1b964c9b363ce7.woff2
www.maza.bg/static/userapp/static/media/ 		165 KB
166 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.maza.bg/static/userapp/static/media/fa-regular-400.33904a1b964c9b363ce7.woff2
Requested by
Host: www.maza.bg
URL: https://www.maza.bg/static/userapp/static/css/main.a223de13.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.216.252.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-252-255.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
3bbb0df89b8dbe8001e8c24de4e2d1693f94997b29f007a7bda22a9802832768

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.maza.bg
Referer
https://www.maza.bg/static/userapp/static/css/main.a223de13.css

Response headers

Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Cache-Control
public, max-age=0
Etag
W/"29378-191e70f43d8"
Connection
keep-alive
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727770207&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=9DUAkeVAbEA3vVhgc%2BU7kopsG3ZjPsdST6anDlPy%2F0g%3D"}]}
Via
1.1 vegur
Accept-Ranges
bytes
Content-Length
168824
Date
Tue, 01 Oct 2024 08:10:07 GMT
Last-Modified
Thu, 12 Sep 2024 16:27:03 GMT
Content-Type
font/woff2
Server
Cowboy
66bc66f9-logo+maza1.png
storeganise.s3.amazonaws.com/66bbaa3fe75ccc0002808382/uploads/ 		67 KB
67 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://storeganise.s3.amazonaws.com/66bbaa3fe75ccc0002808382/uploads/66bc66f9-logo+maza1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.33.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3761f3214dcb577ed7c2de4e73a762a933d39673ff77f37a8f55824d06e809ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.maza.bg/

Response headers

x-amz-id-2
rKQayAUXwJwtfcGCnlKH/w/mxxE5xdUee/oBnRMk+hppkuuYODQ+TeKGqojfOsPn+bfVUdjoelU=
Cache-Control
max-age=604800
ETag
"96779b065063daa91e3da1d43ebdcfbc"
x-amz-request-id
KPCYVEAQEGHNYCPH
Accept-Ranges
bytes
Content-Length
68660
Date
Tue, 01 Oct 2024 08:10:09 GMT
Last-Modified
Wed, 14 Aug 2024 08:12:42 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| navbarCollapse object| navbarToggler function| toggleNavbarMenu

0 Cookies

3 Console Messages

Source Level URL
Text
security error URL: https://www.maza.bg/(Line 29)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' 'nonce-lHteTX8qwcSo' https://accounts.google.com/gsi/style https://fonts.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-1zniu7BFj/mRMnqiZCP4FXF+EZFBNpYi/ZaJkncq+ig='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.
security error URL: https://www.maza.bg/(Line 34)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' 'nonce-lHteTX8qwcSo' https://accounts.google.com/gsi/style https://fonts.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-1zniu7BFj/mRMnqiZCP4FXF+EZFBNpYi/ZaJkncq+ig='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.
security error URL: https://www.maza.bg/(Line 39)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' 'nonce-lHteTX8qwcSo' https://accounts.google.com/gsi/style https://fonts.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-1zniu7BFj/mRMnqiZCP4FXF+EZFBNpYi/ZaJkncq+ig='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src 'nonce-AZ3eRiwyvEz7' 'strict-dynamic' 'self' 'unsafe-inline' https://*.braintreegateway.com https://*.mul-pay.jp https://connect.facebook.net https://cdn.segment.com https://cdnjs.cloudflare.com https://*.googletagmanager.com https://*.googleadservices.com https://*.g.doubleclick.net https://*.google.com; connect-src 'self' https://api-v3.wurd.io https://api.wurd.io https://maps.googleapis.com https://www.google-analytics.com https://cdn.segment.com https://api.segment.io https://accounts.google.com/gsi/log *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.googleadservices.com *.google.com https://*.facebook.com; style-src 'self' 'nonce-lHteTX8qwcSo' https://accounts.google.com/gsi/style https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https: blob: data: *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com; object-src 'none'; base-uri 'none'; form-action 'self' https://checkout.stripe.com https://*.cybersource.com/pay https://www.facebook.com https://storeganise.com/signin/; frame-ancestors 'none'; frame-src blob: https://assets.braintreegateway.com https://accounts.google.com https://www.facebook.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; block-all-mixed-content; report-uri
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff