HTTP/1.1 200 OKCache-Control: no-cachePragma: no-cacheTransfer-Encoding: chunkedContent-Type: text/html; charset=utf-8Content-Encoding: gzipExpires: -1Vary: Accept-EncodingServer: X-AspNet-Version: Content-Security-Policy: default-src 'self' www.youtube-nocookie.com dskam.bg dskbank.bg dskpremium.bg dskmobile.bg dskdom.bg dsktranssecurity.bg dskrodina.bg; script-src *.googleapis.com *.gstatic.com www.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js consent.cookiebot.eu consentcdn.cookiebot.eu https://consentcdn.cookiebot.eu/ https://secure.adnxs.com *.doubleclick.net www.googleadservices.com https://www.youtube.com/iframe_api https://dec.azureedge.net/ munchkin.marketo.net http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js http://eadsrv.com/js/px.js https://snap.licdn.com/li.lms-analytics/insight.min.js www.youtube.com www.googletagmanager.com https://bat.bing.com http://dskbank.webim.chat https://dskbank.webim.chat http://tchatbot.dskbank.bg https://tchatbot.dskbank.bg http://chatbot.dskbank.bg https://chatbot.dskbank.bg *.hotjar.com www.redditstatic.com https://static.addtoany.com dskam.bg dskbank.bg dskpremium.bg dskmobile.bg dskdom.bg dsktranssecurity.bg dskrodina.bg https://uat.dskbank.bg 'self' *.eloqua.com *.en25.com js.hs-scripts.com js.hs-analytics.net js.hs-banner.com js.hsleadflows.net forms.hubspot.com js.hscollectedforms.net *.google-analytics.com https://cdn.insight.sitefinity.com https://dec.azureedge.net cdn.ampproject.org web-chat.nativechat.com 'unsafe-inline' 'unsafe-eval'; style-src *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com dskam.bg dskbank.bg dskpremium.bg dskmobile.bg dskdom.bg dsktranssecurity.bg dskrodina.bg 'self' https://cdn.insight.sitefinity.com https://dec.azureedge.net web-chat.nativechat.com 'unsafe-inline'; img-src *.gstatic.com *.googleapis.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: https://www.google.bg https://www.google.com *.youtube.com *.doubleclick.net *.linkedin.com dskbank.bg eadsrv.com secure.adnxs.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com dskam.bg https://bat.bing.com http://dskbank.webim.chat https://dskbank.webim.chat http://tchatbot.dskbank.bg https://tchatbot.dskbank.bg http://chatbot.dskbank.bg https://chatbot.dskbank.bg https://alb.reddit.com https://stats.addtoany.com *.googlesyndication.com dskpremium.bg dskmobile.bg dskdom.bg dsktranssecurity.bg dskrodina.bg 'self' *.eloqua.com track.hubspot.com js.hsleadflows.net forms.hsforms.com *.google-analytics.com https://cdn.insight.sitefinity.com https://dec.azureedge.net web-chat.nativechat.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: http://dskbank.webim.chat https://chatbot.dskbank.bg; frame-ancestors 'self'; connect-src accounts.google.com https://isic.bg/api/v1/dsk/discounts *.mktoresp.com www.google-analytics.com stats.g.doubleclick.net https://consentcdn.cookiebot.com http://dskbank.webim.chat https://dskbank.webim.chat http://maps.googleapis.com https://maps.googleapis.com http://tchatbot.dskbank.bg https://tchatbot.dskbank.bg http://chatbot.dskbank.bg https://chatbot.dskbank.bg https://consentcdn.cookiebot.eu *.hotjar.com https://stats.addtoany.com *.googlesyndication.com wss://ws28.hotjar.com *.google.com https://googleads.g.doubleclick.net https://cdn.linkedin.oribi.io https://uat.dskbank.bg 'self' forms.hubspot.com *.hsforms.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com; media-src 'self' data: blob:; child-src https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com consentcdn.cookiebot.com https://www.youtube-nocookie.com/ www.google.com https://consentcdn.cookiebot.eu *.hotjar.com *.doubleclick.net https://static.addtoany.com wss://ws28.hotjar.com 'self' web-chat.nativechat.com; frame-src https://www.youtube-nocookie.com/ https://consentcdn.cookiebot.eu/ https://www.facebook.com/ https://12090499.fls.doubleclick.net/ https://www.google.com/ https://www.youtube.com/ 'self' forms.hsforms.com web-chat.nativechat.comReferrer-Policy: no-referrer-when-downgradeStrict-Transport-Security: max-age=31536000; includeSubDomains; preloadAccess-Control-Allow-Origin: https://uat.dskbank.bgSet-Cookie: sf-trckngckie=; expires=Thu, 25-May-2023 09:46:32 GMT; path=/; secure; HttpOnly; SameSite=LaxX-Powered-By: X-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-XSS-Protection: 1; mode=blockDate: Thu, 25 May 2023 09:56:31 GMT