bancfirst.bank Review

 N/A

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 26 Aug 2025 22:57:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://bancfirst.bank/

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 26 Aug 2025 22:58:01 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 235
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://www.bancfirst.bank/
X-Request-ID: 891c534fd34e841c2e778384697091f7

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Aug 2025 22:58:04 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Via: None
Set-Cookie: .AspNetCore.Antiforgery.rcEK9zYGf94=CfDJ8P1DCd_szN1FtZTVzmh4nWevjXnx4y07Zd5ajCA117nh0RHgwHIgyJuCgZaWi2YcZ013fTedc7-TuMJXTZE6_IfMVSl97BbgkOizsvVSwo4SxCmtV_AHhB0kSTZFBZnLfvDZb76xU0Zj2RsWPJ-yZwM; path=/; samesite=strict; httponly;Secure;HttpOnly
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Forwarded-For: $proxy_add_x_forwarded_for;
X-Forwarded-Proto: $scheme;
Content-Security-Policy: script-src *.bancfirst.tv *.cloudflare.com *.youtube.com *.googletagmanager.com *.sharethis.com *.basis.net *.wave2.io *.google-analytics.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.bancfirst.bank *.googleapis.com 'unsafe-inline' ; object-src 'none';  frame-ancestors 'self' *.bancfirst.bank; worker-src blob:; script-src-elem *.bancfirst.bank *.youtube.com *.cloudflare.com *.google.com *.googletagmanager.com *.gstatic.com *.sharethis.com *.google-analytics.com 'unsafe-inline' *.wave2.io *.wave2locator.com
X-Request-ID: d78df845a2eb0389199e43cf95433395