urlscan.io logo urlscan.io
SecurityTrails logo

retail-onlinebanking-uat.co-opbank.co.ke Open in urlscan Pro
2606:4700::6812:3ec  Public Scan

Go To Rescan Add Verdict Report
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Submission: On July 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6812:3ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is retail-onlinebanking-uat.co-opbank.co.ke.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 30th 2024. Valid for: a year.
This is the only time retail-onlinebanking-uat.co-opbank.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
19 2
Apex Domain
Subdomains		 Transfer
18 co-opbank.co.ke
retail-onlinebanking-uat.co-opbank.co.ke
1 MB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
6 KB
19 2
Domain Requested by
18 retail-onlinebanking-uat.co-opbank.co.ke retail-onlinebanking-uat.co-opbank.co.ke
1 cdnjs.cloudflare.com retail-onlinebanking-uat.co-opbank.co.ke
19 2

This site contains no links.

Subject Issuer Validity Valid
*.co-opbank.co.ke
Sectigo RSA Domain Validation Secure Server CA		 2024-05-30 -
2025-06-05		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://retail-onlinebanking-uat.co-opbank.co.ke/
Frame ID: B3BFE4B91494059423C9AC4DBED0907C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Co-OpBank Omni

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1214 kB
Transfer

1596 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
retail-onlinebanking-uat.co-opbank.co.ke/ 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5f537f65e2bcd67716a8fa39cf03b6c9550a5798ffe30eb4faab885eec2dc9d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8a575bffdeca5d86-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 19 Jul 2024 02:42:39 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=16070400; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
retail-onlinebanking-uat.co-opbank.co.ke/css/ 		152 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/css/bootstrap.min.css
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
Origin
https://retail-onlinebanking-uat.co-opbank.co.ke
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 02:42:39 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
server
cloudflare
etag
"26074-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
8a575c02a80c5d86-FRA
x-xss-protection
1; mode=block
style.css
retail-onlinebanking-uat.co-opbank.co.ke/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/css/style.css
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ddfe2d81500b8987dd14a822f54f1a171a93112a7f48218350b7a49e947905e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:39 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
content-length
3789
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
"320e-5c12d48796b89"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
8a575c02a80d5d86-FRA
08448377f5ab2000ebb1ae59c5e1259634515ffdf1172aceda4742d8f15aa49e8d3be0b2a08eab6c
retail-onlinebanking-uat.co-opbank.co.ke/TSbd/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/TSbd/08448377f5ab2000ebb1ae59c5e1259634515ffdf1172aceda4742d8f15aa49e8d3be0b2a08eab6c?type=2
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf587b5141dc77c7200d6b6274fcf661e9907f7c343b930aebaf6101a8e1c1df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
8a575c02a80e5d86-FRA
content-length
16838
x-xss-protection
1; mode=block
logo%20-%20green.png
retail-onlinebanking-uat.co-opbank.co.ke/assets/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/assets/logo%20-%20green.png
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17865494267d583acb411d147b3f62cea73b68df8c1fb6985e01d5941b7ccad7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:39 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-length
6572
x-xss-protection
1; mode=block
last-modified
Tue, 12 May 2020 06:16:04 GMT
server
cloudflare
etag
"19ac-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a575c02a80f5d86-FRA
expires
Fri, 19 Jul 2024 06:42:39 GMT
logo.svg
retail-onlinebanking-uat.co-opbank.co.ke/assets/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/assets/logo.svg
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed06515647d643e9a7ea47fbfda8dfac390e02225a472d2be87c03d2e2182f40
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:39 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 12 May 2020 08:16:56 GMT
server
cloudflare
content-encoding
gzip
etag
W/"83d-5a56f1633ce00"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
8a575c02a8105d86-FRA
x-xss-protection
1; mode=block
expires
Fri, 19 Jul 2024 06:42:39 GMT
desktop-wallpaper-2@2x.png
retail-onlinebanking-uat.co-opbank.co.ke/assets/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/assets/desktop-wallpaper-2@2x.png
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40bbe868c59f6605a4ff1b9c754355f98f3fa688709c9210307eed1e8aadd566
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-length
1070962
x-xss-protection
1; mode=block
last-modified
Tue, 12 May 2020 06:16:04 GMT
server
cloudflare
etag
"105772-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a575c0569ca5d86-FRA
expires
Fri, 19 Jul 2024 06:42:40 GMT
personal.svg
retail-onlinebanking-uat.co-opbank.co.ke/assets/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/assets/personal.svg
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f599a98f724868ea0439754f1b29dc360f0237987cefeb87402e4f154d15b0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 12 May 2020 06:16:04 GMT
server
cloudflare
content-encoding
gzip
etag
W/"b1f-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
8a575c0569d05d86-FRA
x-xss-protection
1; mode=block
expires
Fri, 19 Jul 2024 06:42:40 GMT
seperator.svg
retail-onlinebanking-uat.co-opbank.co.ke/assets/ 		415 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/assets/seperator.svg
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5dbf575bb8c309b1b37eaa638ee1d7a0545150649d1ccf9873191374c1d7084
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 12 May 2020 06:16:04 GMT
server
cloudflare
content-encoding
gzip
etag
W/"19f-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
8a575c063a245d86-FRA
x-xss-protection
1; mode=block
expires
Fri, 19 Jul 2024 06:42:40 GMT
corporate.svg
retail-onlinebanking-uat.co-opbank.co.ke/assets/ 		1 KB
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/assets/corporate.svg
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a9035e753b6fb1490aff454953e90dfd23657688efe925b75cd41c2c223230
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 12 May 2020 06:16:04 GMT
server
cloudflare
content-encoding
gzip
etag
W/"40b-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
8a575c063a2b5d86-FRA
x-xss-protection
1; mode=block
expires
Fri, 19 Jul 2024 06:42:40 GMT
pattern.svg
retail-onlinebanking-uat.co-opbank.co.ke/assets/ 		111 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/assets/pattern.svg
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b776a7a80d44a12397eb26dd1db3d8a3f37180e9128ecc674ca68a29e10a2c31
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 12 May 2020 06:16:04 GMT
server
cloudflare
content-encoding
gzip
etag
W/"1bdab-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
8a575c063a2c5d86-FRA
x-xss-protection
1; mode=block
expires
Fri, 19 Jul 2024 06:42:40 GMT
jquery-3.3.1.slim.min.js
retail-onlinebanking-uat.co-opbank.co.ke/js/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/js/jquery-3.3.1.slim.min.js
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f2b5e1cf5eb3ef97a07cc831a3260341ba11af67763bc05ef3e9e55dba8c1f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
Origin
https://retail-onlinebanking-uat.co-opbank.co.ke
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
server
cloudflare
etag
W/"1111f-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
8a575c063a265d86-FRA
x-xss-protection
1; mode=block
popper.min.js
retail-onlinebanking-uat.co-opbank.co.ke/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/js/popper.min.js
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb2e9deef68ae1f1263363f7a7bae58a913cc1b2cee2e3cd2c46bcd181ebf75
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
Origin
https://retail-onlinebanking-uat.co-opbank.co.ke
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
server
cloudflare
etag
W/"5211-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
8a575c063a275d86-FRA
x-xss-protection
1; mode=block
bootstrap.min.js
retail-onlinebanking-uat.co-opbank.co.ke/js/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/js/bootstrap.min.js
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
Origin
https://retail-onlinebanking-uat.co-opbank.co.ke
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
server
cloudflare
etag
W/"e2de-5a56d65f31100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
8a575c063a285d86-FRA
x-xss-protection
1; mode=block
ua-parser.min.js
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ua-parser.min.js
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
Origin
https://retail-onlinebanking-uat.co-opbank.co.ke
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
44614
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5456
last-modified
Mon, 04 May 2020 16:04:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf3-38ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWvvEaTYeriz8plk4Lf5b4kY%2FW0wBWPzOacDlP4a7zdhXPlDH7DAXCYclW6AspJXXnj1ynJVq0gyszXWmoI04WxtELXax%2BxqlPqJ3OT3cFy5ECiewCWZyEutotF%2F4%2Bxa6eP6kSJD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a575c064e65bbbb-FRA
expires
Wed, 09 Jul 2025 02:42:39 GMT
ua-parser.min.js
retail-onlinebanking-uat.co-opbank.co.ke/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/js/ua-parser.min.js
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
Origin
https://retail-onlinebanking-uat.co-opbank.co.ke
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
server
cloudflare
etag
W/"38ee-5c1042f0d8b40"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
8a575c063a295d86-FRA
x-xss-protection
1; mode=block
platform.min.js
retail-onlinebanking-uat.co-opbank.co.ke/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/js/platform.min.js
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
Origin
https://retail-onlinebanking-uat.co-opbank.co.ke
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
server
cloudflare
etag
W/"38b2-5c108131b2b00"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
8a575c063a2a5d86-FRA
x-xss-protection
1; mode=block
bg-new.svg
retail-onlinebanking-uat.co-opbank.co.ke/assets/ 		446 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/assets/bg-new.svg
Requested by
Host: retail-onlinebanking-uat.co-opbank.co.ke
URL: https://retail-onlinebanking-uat.co-opbank.co.ke/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abad7e1d3b16d2bcd911711d880b6685f0fbfa8c1a02ee864a933ad62e44546
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 29 May 2020 05:24:24 GMT
server
cloudflare
content-encoding
gzip
etag
W/"1be-5a6c2a87a3200"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
8a575c064a305d86-FRA
x-xss-protection
1; mode=block
expires
Fri, 19 Jul 2024 06:42:40 GMT
favicon.ico
retail-onlinebanking-uat.co-opbank.co.ke/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://retail-onlinebanking-uat.co-opbank.co.ke/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed06515647d643e9a7ea47fbfda8dfac390e02225a472d2be87c03d2e2182f40
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retail-onlinebanking-uat.co-opbank.co.ke/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:42:40 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
44338
x-xss-protection
1; mode=block
last-modified
Wed, 28 Apr 2021 06:58:19 GMT
server
cloudflare
etag
W/"83d-5c102e758b8c0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=86400
cf-ray
8a575c0c9cbb5d86-FRA
expires
Sat, 20 Jul 2024 02:42:40 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| _csrf_ object| _tsbp_ object| F object| hb function| ib function| jb object| D function| eb object| Wb boolean| hYOsoewid10dsjsGHScSrF string| personalBankingUrl string| corporateUrl string| tnc string| disclaimer string| aboutUs string| contactUs string| appstore_link string| google_store_link string| huawei_gallery boolean| counter function| spawn2 function| $ function| jQuery function| Popper object| bootstrap function| UAParser object| platform function| addStoreLink function| RemoveFromDesktopBrowser boolean| Vm

3 Cookies

Domain/Path Name / Value
retail-onlinebanking-uat.co-opbank.co.ke/ Name: TS019e054f
Value: 01e11d6f2bde13b2ac497f289bf45d52ebd83d1d2c8055ecc84aebc8943cff849ae89173f2f5d4199b6ef1730d85c1c5e1d062394d
retail-onlinebanking-uat.co-opbank.co.ke/ Name: TS019e054f028
Value: 01ecda8ab3b29ce1e8c933fce993c1b6bdf166d813a10dd0145555ca5b0dbb597aae3ad08db003ba63677b9206581d85b2d9170be5
retail-onlinebanking-uat.co-opbank.co.ke/ Name: TS6937b58c027
Value: 08448377f5ab2000c1b06d900a87c5b549d85511ea613196934a42b3aeeaa8436ae1dd46e35b7098084dac51f81130000b17e2980217e77e636c3c56d0cbcdf454eaa6cc7fd3d719ac154e31b343c8a3f6dab6acdd091ae9542c546ada410f35

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block