co-opbank.co.ke Review

 N/A

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 28 Aug 2025 22:39:54 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://co-opbank.co.ke/

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 28 Aug 2025 22:39:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.co-opbank.co.ke/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Aug 2025 22:39:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Vary: Origin
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Security-Policy: upgrade-insecure-requests;
Cross-Origin-Embedder-Policy: unsafe-none; report-to='default'
Cross-Origin-Embedder-Policy-Report-Only: unsafe-none; report-to='default'
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Opener-Policy-Report-Only: unsafe-none; report-to='default'
Cross-Origin-Resource-Policy: cross-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), sync-xhr=(), usb=(), gamepad=(), serial=()
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy: default-src 'self'; img-src *; media-src * data:;
X-Permitted-Cross-Domain-Policies: none
Cache-Control: max-age=300
Link: ; rel="https://api.w.org/"
Link: ; rel="alternate"; title="JSON"; type="application/json"
Link: ; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip