urlscan.io logo urlscan.io
SecurityTrails logo

www.bancontinental.com.py Open in urlscan Pro
200.85.43.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bancontinental.com.py/
Effective URL: https://www.bancontinental.com.py/
Submission: On August 27 via manual from PY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 16 domains to perform 41 HTTP transactions. The main IP is 200.85.43.242, located in Mariano Roque Alonso, Paraguay and belongs to Telecel S.A., PY. The main domain is www.bancontinental.com.py.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 14th 2024. Valid for: a year.
This is the only time www.bancontinental.com.py was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    200.85.43.242 (Mariano Roque Alonso, Paraguay)

ASN23201 (Telecel S.A., PY)
PTR: mail.clubdedescuentos.com.py
www.bancontinental.com.py
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2607:f8b0:4002:c0f::5f (Atlanta, United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2606:4700::6811:d742 (United States)

ASN13335 (CLOUDFLARENET, US)
4f3ee5342422311edfadb26851bf878a.report-uri.com
2    2a05:d014:58f:6200::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
konecta-widget.netlify.app
1    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    18.192.94.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-94-96.eu-central-1.compute.amazonaws.com
konecta-widget.net
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3108::ac42:2842 (United States)

ASN13335 (CLOUDFLARENET, US)
api.app.konecta.global
Apex Domain
Subdomains		 Transfer
8 bancontinental.com.py
www.bancontinental.com.py
726 KB
6 report-uri.com
4f3ee5342422311edfadb26851bf878a.report-uri.com
3 KB
5 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 567
fonts.googleapis.com — Cisco Umbrella Rank: 110
196 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
476 KB
2 konecta-widget.net
konecta-widget.net
303 KB
2 netlify.app
konecta-widget.netlify.app
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 konecta.global
api.app.konecta.global Failed
728 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
3 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
34 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
19 KB
0 amazonaws.com Failed
konecta-dev.s3.amazonaws.com Failed
0 doubleclick.net Failed
googleads.g.doubleclick.net Failed
0 facebook.com Failed
www.facebook.com Failed
0 google.de Failed
www.google.de Failed
41 16
Domain Requested by
8 www.bancontinental.com.py 1 redirects www.bancontinental.com.py
6 4f3ee5342422311edfadb26851bf878a.report-uri.com www.googletagmanager.com
www.bancontinental.com.py
5 www.googletagmanager.com www.bancontinental.com.py
www.googletagmanager.com
konecta-widget.net
4 maps.googleapis.com www.bancontinental.com.py
maps.googleapis.com
2 konecta-widget.net konecta-widget.netlify.app
konecta-widget.net
2 konecta-widget.netlify.app www.bancontinental.com.py
2 connect.facebook.net www.bancontinental.com.py
connect.facebook.net
1 fonts.gstatic.com fonts.googleapis.com
1 api.app.konecta.global konecta-widget.net
1 fonts.googleapis.com konecta-widget.net
1 www.googleadservices.com www.googletagmanager.com
1 cdn.jsdelivr.net konecta-widget.netlify.app
1 cdnjs.cloudflare.com www.bancontinental.com.py
0 konecta-dev.s3.amazonaws.com Failed
0 googleads.g.doubleclick.net Failed
0 www.facebook.com Failed www.bancontinental.com.py
0 www.google.de Failed www.bancontinental.com.py
41 17

This site contains no links.

Subject Issuer Validity Valid
www.bancontinental.com.py
Sectigo RSA Domain Validation Secure Server CA		 2024-03-14 -
2025-04-14		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-06 -
2024-09-04		 3 months crt.sh
report-uri.com
E5		 2024-07-21 -
2024-10-19		 3 months crt.sh
*.netlify.app
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-15 -
2025-02-14		 a year crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.konecta-widget.net
E5		 2024-08-23 -
2024-11-21		 3 months crt.sh
*.googleadservices.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
konecta.global
E6		 2024-08-25 -
2024-11-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.bancontinental.com.py/
Frame ID: A1480289917E83FB5FE5A688CBD21A9A
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Banco Continental

Page URL History Show full URLs

  1. http://www.bancontinental.com.py/ HTTP 307
    https://www.bancontinental.com.py/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

41
Requests

80 %
HTTPS

77 %
IPv6

16
Domains

17
Subdomains

14
IPs

3
Countries

1854 kB
Transfer

5469 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bancontinental.com.py/ HTTP 307
    https://www.bancontinental.com.py/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://www.bancontinental.com.py/styles.77c73864abb670f9d39e.css HTTP 302
  • https://www.bancontinental.com.py/
Request Chain 17
  • https://www.bancontinental.com.py/runtime.a0385f0835181187b475.js HTTP 302
  • https://www.bancontinental.com.py/

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bancontinental.com.py/
Redirect Chain
  • http://www.bancontinental.com.py/
  • https://www.bancontinental.com.py/
4 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
e0b2c5b4e555ad684d39b3eda65251fca6534c20ecb0f9473e9eb1e88a04a331
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
4505
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Content-Type
text/html
Date
Tue, 27 Aug 2024 18:10:26 GMT
Last-Modified
Thu, 25 Jul 2024 20:55:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.bancontinental.com.py/
Non-Authoritative-Reason
HSTS
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/ 		99 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.bancontinental.com.py
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:13:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
426789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18688
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"630e6e62-4900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YzxG5CMnUr2dz0tXeUaPGX1dhgQY5Gl3p7hyEnbsE6A11wq73%2FMLOjgoMBOwRhPYHYtVJ2Vrz5sRlbICvrXJD9qOntauws7ThEicofq64fbHuSYgu%2FRZhH1hEu7eD0%2FHojzPwPQsIkDOitOtOm345ToI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b9e09d898a5a5fc-FRA
expires
Sun, 17 Aug 2025 18:13:57 GMT
gtm.js
www.googletagmanager.com/ 		272 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5TWPRJ
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15c2a09392e94862224ad70d350fee07d06dbc6e4f6c385d34e4d53f274532f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:13:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95820
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Aug 2024 18:13:57 GMT
/
www.bancontinental.com.py/
Redirect Chain
  • https://www.bancontinental.com.py/styles.77c73864abb670f9d39e.css
  • https://www.bancontinental.com.py/
0
0
js
maps.googleapis.com/maps/api/ 		228 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCwxkQ8WRvieSYTHPxxIzPLPc3aJpA_95s
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0f::5f Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
50377dc79dce49120c478b484e645e98bffafc831286f79ca1d808de1243b47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79808
x-xss-protection
0
ContiSansRegular.3b30b25f8e38038e07af.woff
www.bancontinental.com.py/ 		16 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/ContiSansRegular.3b30b25f8e38038e07af.woff
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
02ef667594d8f80a8d7f9898abcd5abb9a36647347e8270a86526061e2e77bd4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
Origin
https://www.bancontinental.com.py
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 27 Aug 2024 18:10:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:55:39 GMT
X-Frame-Options
DENY
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16228
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		300 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5TWPRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9212097e217c68213dc93b0c463fe1c24f7a59e6f57b764e685b53fdd48ce50b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:13:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103860
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Aug 2024 18:13:57 GMT
destination
www.googletagmanager.com/gtag/ 		267 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10973773029&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5TWPRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ceaff1769e49098b38fbea77313de4ca57aaa90e726b7fde1c4329ff3eea106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:13:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94085
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Aug 2024 18:13:57 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 27 Aug 2024 18:13:57 GMT
document-policy
force-load-at-top
x-fb-server-load
39
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4319, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
dUftFENHqhJedoQisrOnx/BqmFLDRaDhy1amKXkUU1UURBoqmceX7Cv2/6HQrhMiQpZGE85k/yc3miwweqDj7Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
370518553564513
connect.facebook.net/signals/config/ 		78 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/370518553564513?v=2.9.166&r=stable&domain=www.bancontinental.com.py&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87a87f41e5d1fb6715d2873ac6c70fb2f493bcc9b93fc62c1eed9d00e72de724
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 27 Aug 2024 18:13:57 GMT
document-policy
force-load-at-top
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=74, mss=1232, tbw=66957, tp=63, tpl=0, uplat=139, ullat=1
pragma
public
x-fb-debug
VjVdJFcnfnq1GoDV1evf2qC/Y2sBh8dOaQcSPWse/G5G29ru5T3jjPrXZ94UOygSfIJhDd4NwqQI/OjagNh8bA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
549 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 27 Aug 2024 18:13:58 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b9e09dadbf49156-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
546 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 27 Aug 2024 18:13:58 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b9e09dadbf59156-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
584 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 27 Aug 2024 18:13:58 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b9e09dadbf79156-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
ga-audiences
www.google.de/ads/ 		0
0
/
www.facebook.com/tr/ 		0
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		0
0
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCwxkQ8WRvieSYTHPxxIzPLPc3aJpA_95s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c0f::5f Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bancontinental.com.py
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
konecta-widget.js
konecta-widget.netlify.app/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://konecta-widget.netlify.app/konecta-widget.js
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
2a12af2f4277fff7be504c620ea917d9d54a31eb0deeffe0c4a509fcf7283b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J6AGPSKAK8KG7A51J4F0862M
date
Tue, 27 Aug 2024 18:13:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
22131
cache-status
"Netlify Edge"; hit
etag
"ee6aa849b79274bb4482fe12eafcb836-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
1163
/
www.bancontinental.com.py/
Redirect Chain
  • https://www.bancontinental.com.py/runtime.a0385f0835181187b475.js
  • https://www.bancontinental.com.py/
4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
e0b2c5b4e555ad684d39b3eda65251fca6534c20ecb0f9473e9eb1e88a04a331
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 27 Aug 2024 18:10:26 GMT
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Jul 2024 20:55:40 GMT
X-Frame-Options
DENY
Content-Type
text/html
Accept-Ranges
bytes
Content-Length
4505
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://www.bancontinental.com.py
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
BigIP
Connection
Keep-Alive
Content-Length
0
polyfills.7be0be37b8cccad00961.js
www.bancontinental.com.py/ 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/polyfills.7be0be37b8cccad00961.js
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
20a57077097ed2afba456106b95814df3ebc7c24bc001028492f1b12683f4540
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 27 Aug 2024 18:10:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:51:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
scripts.cd3a75215099544fffdc.js
www.bancontinental.com.py/ 		1 MB
494 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/scripts.cd3a75215099544fffdc.js
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
f0dc36a75483be3afb38326c663aef6eeb310d02d54f07ba7b5ca70b49f34763
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 27 Aug 2024 18:10:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Fri, 03 May 2024 14:47:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
main.9c7eb5251ae6d4869eb8.js
www.bancontinental.com.py/ 		543 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/main.9c7eb5251ae6d4869eb8.js
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
cffac704ef4b9346fa4d899b276099f14c54aaa3e2ea19e2c56ce37b17a5d4f1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 27 Aug 2024 18:10:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:51:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
vue.min.js
cdn.jsdelivr.net/npm/vue@2.6.12/dist/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.6.12/dist/vue.min.js
Requested by
Host: konecta-widget.netlify.app
URL: https://konecta-widget.netlify.app/konecta-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:13:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
51790
x-jsd-version
2.6.12
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34100
x-served-by
cache-fra-eddf8230090-FRA, cache-lga21935-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"16de6-5V3x99bCiO5z1Dm6sm3QBv/uevM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FOP6HxWPEcMQ2e2KhSLxliczo8zxggkDNEDvW9CYs2myYxL%2FrtcrSneTvKX3La3o0CReVabnAdVjimSgjaqwgC6ZOeRZaZ3bv1cv8AERMfinn18Xlk09l4bGL1QbgsdepxJvxZeydb1jThURQBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b9e09e78f5cd392-FRA
vue-beautiful-chat.umd.min.js
konecta-widget.net/widget/dist/ 		1 MB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Requested by
Host: konecta-widget.netlify.app
URL: https://konecta-widget.netlify.app/konecta-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.94.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-94-96.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
1854773b97a476d2ffd4e2739116639b059fb3c8aec0253d1663cac243a11e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J6AGPV8GA0GBFDG5XB756ZYF
date
Tue, 27 Aug 2024 18:13:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
40463
cache-status
"Netlify Edge"; hit
etag
"633b144ce19d4116f4c07844f4db19cf-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
307733
js
www.googletagmanager.com/gtag/ 		273 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5TWPRJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e70e4bc5db138b63175f001d0a3ec4621bec99417b12678f4f887820f76a95b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:13:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96412
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Aug 2024 18:13:59 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer
Requested by
Host: konecta-widget.net
URL: https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d68c3a564d3fa7aebda2f6d5345fc30cd044c904093b5d08f314a371f5d423e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:13:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Aug 2024 18:13:59 GMT
6036469aa2abc9a8dcabc326
konecta-widget.net/.netlify/functions/readWidgetByBotId/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://konecta-widget.net/.netlify/functions/readWidgetByBotId/6036469aa2abc9a8dcabc326
Requested by
Host: konecta-widget.net
URL: https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.94.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-94-96.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
42c5c3b6e1f49f81f7d42b9a121da2893f0df9ca5511e7520a0e039ed3e167a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J6AGPVFMG3A7B28VGHNJM3XK
date
Tue, 27 Aug 2024 18:14:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000
netlify-vary
query
server
Netlify
age
1
cache-status
"Netlify Durable"; fwd=miss, "Netlify Edge"; fwd=miss
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
546 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 27 Aug 2024 18:14:00 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b9e09e9fca39156-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
/
www.googleadservices.com/pagead/conversion/10973773029/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10973773029/?random=1724782439996&cv=11&fst=1724782439996&bg=ffffff&guid=ON&async=1&gtm=45be48q0z8889817420za201zb889817420&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bancontinental.com.py%2F&label=_yVJCKvcgKQYEOX52fAo&hn=www.googleadservices.com&frm=0&tiba=Banco%20Continental&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1888505049.1724782437&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10973773029&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
86c66edbf1d1fde5529e23a8b5821a5471fc27c4d0d7cb6f733f9d9268c28b50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Aug 2024 18:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2544
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
www.bancontinental.com.py/assets/images/logos/ 		5 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/assets/images/logos/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
85f220cb291da25059a9dd92e01431537befe5ca1972047dbc8283797031c1ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 27 Aug 2024 18:10:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:55:51 GMT
X-Frame-Options
DENY
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4978
X-XSS-Protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10973773029/ 		0
0
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: konecta-widget.net
URL: https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd4346a722f73229419ca5e2a2902f05f182a432adb7eea2fad34ce01b8e4ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Aug 2024 18:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 27 Aug 2024 17:26:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Aug 2024 18:14:00 GMT
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
550 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 27 Aug 2024 18:14:00 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b9e09eb3df99156-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
image-6619905c7dd0914c5de804af
api.app.konecta.global/bucket/file/ 		0
0
image-60d62ec1c1adf97419830aa6
konecta-dev.s3.amazonaws.com/ 		0
0
vector.svg
konecta-widget.netlify.app/assets/ 		277 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://konecta-widget.netlify.app/assets/vector.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
a073e6c9c6e32f0f430135021227c7e2166ab49d9d4b48149a863d7b4d36efb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J6AGPVR9GCG15WB5WS5XK33T
date
Tue, 27 Aug 2024 18:14:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
19168
cache-status
"Netlify Edge"; hit
etag
"5a43daf2bc05007232f03dde7ace5a66-ssl"
content-type
image/svg+xml
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
277
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bancontinental.com.py
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 14:27:19 GMT
x-content-type-options
nosniff
age
13601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18588
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 14:27:19 GMT
web
api.app.konecta.global/message/ 		14 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.app.konecta.global/message/web?where[senderId]=573c2a15-ae27-4dff-8e17-5ab146033ba9&where[bot]=6036469aa2abc9a8dcabc326&skip=0&limit=200&integration=
Requested by
Host: konecta-widget.net
URL: https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c391d07d0d44e4959f32e22656c833d698c8cfa9087c7a3ae2d10736e9c0f93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 18:14:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bancontinental.com.py
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2FuFdsaV1jyFLLgnQxeVJQ1yS2JjT4w57%2BUEDTcnXGf1ncWOPi%2BmtwZu04C2PsRWTdZLcmRWdjng7J40HHgbP1UUjYDcePbiDNFEUKOXcpNQe58y3AkqrZzDuck4u8UqmLLcOpmNbvbQLOIjIkl%2FUqB97%2FM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Type,Authorization,access_token,X-Time-Zone,x-company,x-key,x-forward-url,x-forward-path
cf-ray
8b9e09f05afa4d8d-FRA
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
548 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 27 Aug 2024 18:14:02 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b9e09f9fe709156-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
common.js
maps.googleapis.com/maps-api-v3/api/js/58/1a/intl/de_ALL/ 		287 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/1a/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCwxkQ8WRvieSYTHPxxIzPLPc3aJpA_95s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0f::5f Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91ac09e973790de5c2a3d307135dc8e2536e42a7b8a7c1c8b6384cf0f45702a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 16:42:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
91890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62741
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 16:40:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 16:42:32 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/58/1a/intl/de_ALL/ 		180 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/1a/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCwxkQ8WRvieSYTHPxxIzPLPc3aJpA_95s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0f::5f Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6af2698c3415a4179fda0f6a2efd21b8516d36ada2678c00d9719182c6f5fe5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 16:42:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
91890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56080
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 16:40:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 16:42:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.bancontinental.com.py
URL
https://www.bancontinental.com.py/
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GKEZSV39SY&cid=634348333.1724782438&gtm=45je48q0v888515075z8889817420za200zb889817420&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=2125252569
Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=370518553564513&ev=PageView&dl=https%3A%2F%2Fwww.bancontinental.com.py&rl=&if=false&ts=1724782437689&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.2.1724782437688.620930808155286463&pm=1&hrl=2472f0&ler=empty&cdl=API_unavailable&it=1724782437507&coo=false&cs_cc=1&cas=7892666427465345%2C6612952505394744%2C2034243383346719%2C2105550619570457&rqm=GET
Domain
www.facebook.com
URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=370518553564513&ev=PageView&dl=https%3A%2F%2Fwww.bancontinental.com.py&rl=&if=false&ts=1724782437689&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.2.1724782437688.620930808155286463&pm=1&hrl=2472f0&ler=empty&cdl=API_unavailable&it=1724782437507&coo=false&cs_cc=1&cas=7892666427465345%2C6612952505394744%2C2034243383346719%2C2105550619570457&rqm=FGET
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10973773029/?random=1261599831&cv=11&fst=1724782439996&bg=ffffff&guid=ON&async=1&gtm=45be48q0z8889817420za201zb889817420&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bancontinental.com.py%2F&label=_yVJCKvcgKQYEOX52fAo&hn=www.googleadservices.com&frm=0&tiba=Banco%20Continental&value=0&npa=1&pscdl=noapi&auid=1888505049.1724782437&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQIInMexAkoVZXZlbnQtc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&eitems=ChEI8PK1tgYQhNLQioLhq-uTARIdAPzyqG0OARkyoOg_U7CKQ_fgYtBfrLdTpsTQbdI&pscrd=IhMI17GdpeOViAMVio6DBx3VnBa9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiJodHRwczovL3d3dy5iYW5jb250aW5lbnRhbC5jb20ucHkv
Domain
api.app.konecta.global
URL
https://api.app.konecta.global/bucket/file/image-6619905c7dd0914c5de804af
Domain
konecta-dev.s3.amazonaws.com
URL
https://konecta-dev.s3.amazonaws.com/image-60d62ec1c1adf97419830aa6

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView string| vueScript string| chatScript function| loadScript function| loadContainer function| loadContainerClass function| loadCss function| init object| webpackChunkweb_publica_continental object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| Vue object| webpackJsonpvue_beautiful_chat function| setImmediate function| clearImmediate object| regeneratorRuntime object| core object| vue-beautiful-chat function| gtag object| GooglebQhCsO

5 Cookies

Domain/Path Name / Value
.bancontinental.com.py/ Name: _gcl_au
Value: 1.1.1888505049.1724782437
.bancontinental.com.py/ Name: _ga
Value: GA1.1.634348333.1724782438
.bancontinental.com.py/ Name: _ga_GKEZSV39SY
Value: GS1.1.1724782437.1.0.1724782437.60.0.0
.bancontinental.com.py/ Name: _fbp
Value: fb.2.1724782437688.620930808155286463
.bancontinental.com.py/ Name: _ga_90S8VN8L2N
Value: GS1.1.1724782439.1.0.1724782439.0.0.0

27 Console Messages

Source Level URL
Text
security error URL: https://www.bancontinental.com.py/
Message:
Refused to apply style from 'https://www.bancontinental.com.py/' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je48q0v888515075z8889817420za200zb889817420&_p=1724782437266&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724782437&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=968' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je48q0v888515075z8889817420za200zb889817420&_p=1724782437266&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724782437&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=968' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 212)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GKEZSV39SY&cid=634348333.1724782438&gtm=45je48q0v888515075z8889817420za200zb889817420&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
security error URL: https://www.bancontinental.com.py/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GKEZSV39SY&cid=634348333.1724782438&gtm=45je48q0v888515075z8889817420za200zb889817420&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=2125252569' because it violates the following Content Security Policy directive: "img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net".
security error URL: https://www.bancontinental.com.py/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GKEZSV39SY&cid=634348333.1724782438&gtm=45je48q0v888515075z8889817420za200zb889817420&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=2125252569' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
security error URL: https://www.bancontinental.com.py/
Message:
Refused to load the image 'https://www.facebook.com/tr/?id=370518553564513&ev=PageView&dl=https%3A%2F%2Fwww.bancontinental.com.py&rl=&if=false&ts=1724782437689&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.2.1724782437688.620930808155286463&pm=1&hrl=2472f0&ler=empty&cdl=API_unavailable&it=1724782437507&coo=false&cs_cc=1&cas=7892666427465345%2C6612952505394744%2C2034243383346719%2C2105550619570457&rqm=GET' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
security error URL: https://www.bancontinental.com.py/
Message:
Refused to load the image 'https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=370518553564513&ev=PageView&dl=https%3A%2F%2Fwww.bancontinental.com.py&rl=&if=false&ts=1724782437689&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.2.1724782437688.620930808155286463&pm=1&hrl=2472f0&ler=empty&cdl=API_unavailable&it=1724782437507&coo=false&cs_cc=1&cas=7892666427465345%2C6612952505394744%2C2034243383346719%2C2105550619570457&rqm=FGET' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
security error URL: https://www.bancontinental.com.py/
Message:
Refused to execute script from 'https://www.bancontinental.com.py/' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
security error URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c(Line 161)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-90S8VN8L2N&gtm=45je48q0v884912942za200zb889817420&_p=1724782437266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1724782439&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=3424' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c(Line 161)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-90S8VN8L2N&gtm=45je48q0v884912942za200zb889817420&_p=1724782437266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1724782439&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=3424' because it violates the document's Content Security Policy.
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
security error URL: https://www.bancontinental.com.py/
Message:
Refused to load the image 'https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10973773029/?random=1261599831&cv=11&fst=1724782439996&bg=ffffff&guid=ON&async=1&gtm=45be48q0z8889817420za201zb889817420&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bancontinental.com.py%2F&label=_yVJCKvcgKQYEOX52fAo&hn=www.googleadservices.com&frm=0&tiba=Banco%20Continental&value=0&npa=1&pscdl=noapi&auid=1888505049.1724782437&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQIInMexAkoVZXZlbnQtc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&eitems=ChEI8PK1tgYQhNLQioLhq-uTARIdAPzyqG0OARkyoOg_U7CKQ_fgYtBfrLdTpsTQbdI&pscrd=IhMI17GdpeOViAMVio6DBx3VnBa9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiJodHRwczovL3d3dy5iYW5jb250aW5lbnRhbC5jb20ucHkv' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
security error URL: https://www.bancontinental.com.py/
Message:
Refused to load the image 'https://api.app.konecta.global/bucket/file/image-6619905c7dd0914c5de804af' because it violates the following Content Security Policy directive: "img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net".
security error URL: https://www.bancontinental.com.py/
Message:
Refused to load the image 'https://api.app.konecta.global/bucket/file/image-6619905c7dd0914c5de804af' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://api.app.konecta.global/message/web?where[senderId]=573c2a15-ae27-4dff-8e17-5ab146033ba9&where[bot]=6036469aa2abc9a8dcabc326&skip=0&limit=200&integration=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je48q0v888515075za200zb889817420&_p=1724782437266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1724782437&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=scroll&epn.percent_scrolled=90&_et=9&tfd=5984' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je48q0v888515075za200zb889817420&_p=1724782437266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1724782437&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=scroll&epn.percent_scrolled=90&_et=9&tfd=5984' because it violates the document's Content Security Policy.
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
security error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je48q0v888515075za200zb889817420&_p=1724782437266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1724782437&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=user_engagement&_et=6656&tfd=7643' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je48q0v888515075za200zb889817420&_p=1724782437266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1724782437&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=user_engagement&_et=6656&tfd=7643' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c(Line 161)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-90S8VN8L2N&gtm=45je48q0v884912942za200zb889817420&_p=1724782437266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1724782439&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=user_engagement&_et=4220&tfd=7650' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c(Line 161)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-90S8VN8L2N&gtm=45je48q0v884912942za200zb889817420&_p=1724782437266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=634348333.1724782438&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1724782439&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=user_engagement&_et=4220&tfd=7650' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f3ee5342422311edfadb26851bf878a.report-uri.com
api.app.konecta.global
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
konecta-dev.s3.amazonaws.com
konecta-widget.net
konecta-widget.netlify.app
maps.googleapis.com
www.bancontinental.com.py
www.facebook.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.app.konecta.global
googleads.g.doubleclick.net
konecta-dev.s3.amazonaws.com
www.bancontinental.com.py
www.facebook.com
www.google.de
172.217.16.194
18.192.94.96
200.85.43.242
2606:4700:3108::ac42:2842
2606:4700::6811:180e
2606:4700::6811:d742
2606:4700::6812:ba1f
2607:f8b0:4002:c0f::5f
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2008
2a03:2880:f084:105:face:b00c:0:3
2a05:d014:58f:6200::64
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
02ef667594d8f80a8d7f9898abcd5abb9a36647347e8270a86526061e2e77bd4
0d68c3a564d3fa7aebda2f6d5345fc30cd044c904093b5d08f314a371f5d423e
15c2a09392e94862224ad70d350fee07d06dbc6e4f6c385d34e4d53f274532f0
1854773b97a476d2ffd4e2739116639b059fb3c8aec0253d1663cac243a11e1a
20a57077097ed2afba456106b95814df3ebc7c24bc001028492f1b12683f4540
29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2
2a12af2f4277fff7be504c620ea917d9d54a31eb0deeffe0c4a509fcf7283b40
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
42c5c3b6e1f49f81f7d42b9a121da2893f0df9ca5511e7520a0e039ed3e167a5
4e70e4bc5db138b63175f001d0a3ec4621bec99417b12678f4f887820f76a95b
50377dc79dce49120c478b484e645e98bffafc831286f79ca1d808de1243b47d
6af2698c3415a4179fda0f6a2efd21b8516d36ada2678c00d9719182c6f5fe5a
6c391d07d0d44e4959f32e22656c833d698c8cfa9087c7a3ae2d10736e9c0f93
6ceaff1769e49098b38fbea77313de4ca57aaa90e726b7fde1c4329ff3eea106
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
85f220cb291da25059a9dd92e01431537befe5ca1972047dbc8283797031c1ab
86c66edbf1d1fde5529e23a8b5821a5471fc27c4d0d7cb6f733f9d9268c28b50
87a87f41e5d1fb6715d2873ac6c70fb2f493bcc9b93fc62c1eed9d00e72de724
91ac09e973790de5c2a3d307135dc8e2536e42a7b8a7c1c8b6384cf0f45702a4
9212097e217c68213dc93b0c463fe1c24f7a59e6f57b764e685b53fdd48ce50b
a073e6c9c6e32f0f430135021227c7e2166ab49d9d4b48149a863d7b4d36efb9
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cffac704ef4b9346fa4d899b276099f14c54aaa3e2ea19e2c56ce37b17a5d4f1
dd4346a722f73229419ca5e2a2902f05f182a432adb7eea2fad34ce01b8e4ba7
e0b2c5b4e555ad684d39b3eda65251fca6534c20ecb0f9473e9eb1e88a04a331
f0dc36a75483be3afb38326c663aef6eeb310d02d54f07ba7b5ca70b49f34763