urlscan.io logo urlscan.io
SecurityTrails logo

www.bancontinental.com.py Open in urlscan Pro
200.85.43.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.bancontinental.com.py/#/
Effective URL: https://www.bancontinental.com.py/
Submission: On August 11 via manual from PY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 16 domains to perform 43 HTTP transactions. The main IP is 200.85.43.242, located in Mariano Roque Alonso, Paraguay and belongs to Telecel S.A., PY. The main domain is www.bancontinental.com.py.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 14th 2024. Valid for: a year.
This is the only time www.bancontinental.com.py was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    200.85.43.242 (Mariano Roque Alonso, Paraguay)

ASN23201 (Telecel S.A., PY)
PTR: mail.clubdedescuentos.com.py
www.bancontinental.com.py
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a05:d014:58f:6200::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
konecta-widget.netlify.app
6    2606:4700::6811:d742 (United States)

ASN13335 (CLOUDFLARENET, US)
4f3ee5342422311edfadb26851bf878a.report-uri.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    3.70.101.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
konecta-widget.net
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3108::ac42:2bbe (United States)

ASN13335 (CLOUDFLARENET, US)
api.app.konecta.global
Apex Domain
Subdomains		 Transfer
12 bancontinental.com.py
www.bancontinental.com.py
620 KB
6 report-uri.com
4f3ee5342422311edfadb26851bf878a.report-uri.com
3 KB
5 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 567
fonts.googleapis.com — Cisco Umbrella Rank: 110
194 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
476 KB
2 konecta-widget.net
konecta-widget.net
303 KB
2 netlify.app
konecta-widget.netlify.app
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
76 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 konecta.global
api.app.konecta.global Failed
731 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
35 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
19 KB
0 amazonaws.com Failed
konecta-dev.s3.amazonaws.com Failed
0 doubleclick.net Failed
googleads.g.doubleclick.net Failed
0 facebook.com Failed
www.facebook.com Failed
0 google.de Failed
www.google.de Failed
43 16
Domain Requested by
12 www.bancontinental.com.py 2 redirects www.bancontinental.com.py
6 4f3ee5342422311edfadb26851bf878a.report-uri.com www.googletagmanager.com
www.bancontinental.com.py
5 www.googletagmanager.com www.bancontinental.com.py
www.googletagmanager.com
konecta-widget.net
4 maps.googleapis.com www.bancontinental.com.py
maps.googleapis.com
2 konecta-widget.net konecta-widget.netlify.app
konecta-widget.net
2 konecta-widget.netlify.app www.bancontinental.com.py
2 connect.facebook.net www.bancontinental.com.py
connect.facebook.net
1 fonts.gstatic.com fonts.googleapis.com
1 api.app.konecta.global konecta-widget.net
1 fonts.googleapis.com konecta-widget.net
1 www.googleadservices.com www.googletagmanager.com
1 cdn.jsdelivr.net konecta-widget.netlify.app
1 cdnjs.cloudflare.com www.bancontinental.com.py
0 konecta-dev.s3.amazonaws.com Failed
0 googleads.g.doubleclick.net Failed
0 www.facebook.com Failed www.bancontinental.com.py
0 www.google.de Failed www.bancontinental.com.py
43 17

This site contains no links.

Subject Issuer Validity Valid
www.bancontinental.com.py
Sectigo RSA Domain Validation Secure Server CA		 2024-03-14 -
2025-04-14		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-20 -
2024-08-18		 3 months crt.sh
*.netlify.app
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-15 -
2025-02-14		 a year crt.sh
report-uri.com
E5		 2024-07-21 -
2024-10-19		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.konecta-widget.net
E6		 2024-06-24 -
2024-09-22		 3 months crt.sh
*.googleadservices.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
konecta.global
E5		 2024-06-27 -
2024-09-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.bancontinental.com.py/
Frame ID: 466CD3EE02F41EAC31A70F04F5E10A14
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Banco Continental

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

43
Requests

81 %
HTTPS

77 %
IPv6

16
Domains

17
Subdomains

14
IPs

3
Countries

1748 kB
Transfer

5624 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://www.bancontinental.com.py/runtime.a0385f0835181187b475.js HTTP 302
  • https://www.bancontinental.com.py/
Request Chain 18
  • https://www.bancontinental.com.py/main.9c7eb5251ae6d4869eb8.js HTTP 302
  • https://www.bancontinental.com.py/

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bancontinental.com.py/ 		4 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
e0b2c5b4e555ad684d39b3eda65251fca6534c20ecb0f9473e9eb1e88a04a331
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
4505
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Content-Type
text/html
Date
Sun, 11 Aug 2024 03:06:40 GMT
Last-Modified
Thu, 25 Jul 2024 20:51:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/ 		99 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.bancontinental.com.py
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1511787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18688
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"630e6e62-4900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WQuey45T8l75bbqzDKNKojT0vCrSQIyiqkoRyUpNJitOiOQUfE7MehMhKHODkvbwg5F%2F9hMbRCBKE5RgPQFcpNzpOKwnfRQ2tTe%2BJI8pDOpa%2BaOj1zk5NwqXT6FfoRa5md6v%2F4E0xSqN5vF3Lj%2FGmtv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b1507b7c85e3666-FRA
expires
Fri, 01 Aug 2025 03:10:00 GMT
gtm.js
www.googletagmanager.com/ 		272 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5TWPRJ
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
637624b54d78aef2925eb567d36e71b9502325e65e4e10122daf1637bde32a4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:10:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95676
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Aug 2024 03:10:00 GMT
styles.77c73864abb670f9d39e.css
www.bancontinental.com.py/ 		345 KB
77 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/styles.77c73864abb670f9d39e.css
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
aa860e6e5235979b3faf2a9c717b7c8868691449393f725c320d1d1f837af5fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:06:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:51:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
js
maps.googleapis.com/maps/api/ 		217 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCwxkQ8WRvieSYTHPxxIzPLPc3aJpA_95s
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
8a1b2ea51398f2287cda524caf74bb15a371712541d60bd98ce78ee379ba766f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75552
x-xss-protection
0
ContiSansRegular.3b30b25f8e38038e07af.woff
www.bancontinental.com.py/ 		16 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/ContiSansRegular.3b30b25f8e38038e07af.woff
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
02ef667594d8f80a8d7f9898abcd5abb9a36647347e8270a86526061e2e77bd4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
Origin
https://www.bancontinental.com.py
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:37:15 GMT
X-Frame-Options
DENY
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16228
X-XSS-Protection
1; mode=block
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCwxkQ8WRvieSYTHPxxIzPLPc3aJpA_95s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bancontinental.com.py
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		300 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5TWPRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc5ddfd561d0c44014cc2383c1888cac488b3297190b8862599d1c29285a72af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103790
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Aug 2024 03:10:01 GMT
destination
www.googletagmanager.com/gtag/ 		266 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10973773029&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5TWPRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d44c5efc9372bb5ef39c55c85252a012cbc1b4455c2de682f85e7218a447e403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93686
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Aug 2024 03:10:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 11 Aug 2024 03:10:01 GMT
document-policy
force-load-at-top
x-fb-server-load
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
fC4nj+HYHtT/ca3gIt1cFwLVsZIVyHtqklNYH1060qNNou+Uf0pdlvvd3viDwS0+hYPZ+32CcBga+F7oqMU6sQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
konecta-widget.js
konecta-widget.netlify.app/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://konecta-widget.netlify.app/konecta-widget.js
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
2a12af2f4277fff7be504c620ea917d9d54a31eb0deeffe0c4a509fcf7283b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4ZPM3XAAHJ5A7FMCKHSHCME
date
Sun, 11 Aug 2024 03:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
59593
cache-status
"Netlify Edge"; hit
etag
"ee6aa849b79274bb4482fe12eafcb836-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
1161
370518553564513
connect.facebook.net/signals/config/ 		76 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/370518553564513?v=2.9.164&r=stable&domain=www.bancontinental.com.py&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5acfc9e53c158e4c34a3a3c79eb1a5313040be17f9925b5394b8ab5e60ac8b50
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 11 Aug 2024 03:10:01 GMT
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=64, mss=1328, tbw=64389, tp=-1, tpl=-1, uplat=69, ullat=1
pragma
public
x-fb-debug
/T+Sgage9Z/+tdEr69FnPShDeiRUJMU8J8lFn+0xC7/vZAkHDXmEWApdvJCLFwsSO1kIPR49DRr0ZwdR+Rcg+w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
549 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Aug 2024 03:10:02 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b1507b9f85a2c7e-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
585 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Aug 2024 03:10:02 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b1507b9f8582c7e-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
547 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Aug 2024 03:10:02 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b1507b9f8562c7e-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
ga-audiences
www.google.de/ads/ 		0
0
/
www.bancontinental.com.py/
Redirect Chain
  • https://www.bancontinental.com.py/runtime.a0385f0835181187b475.js
  • https://www.bancontinental.com.py/
4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
e0b2c5b4e555ad684d39b3eda65251fca6534c20ecb0f9473e9eb1e88a04a331
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:06:40 GMT
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Jul 2024 20:51:25 GMT
X-Frame-Options
DENY
Content-Type
text/html
Accept-Ranges
bytes
Content-Length
4505
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://www.bancontinental.com.py
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
BigIP
Connection
Keep-Alive
Content-Length
0
polyfills.7be0be37b8cccad00961.js
www.bancontinental.com.py/ 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/polyfills.7be0be37b8cccad00961.js
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
20a57077097ed2afba456106b95814df3ebc7c24bc001028492f1b12683f4540
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:51:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
scripts.cd3a75215099544fffdc.js
www.bancontinental.com.py/ 		1 MB
494 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/scripts.cd3a75215099544fffdc.js
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
f0dc36a75483be3afb38326c663aef6eeb310d02d54f07ba7b5ca70b49f34763
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:37:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
/
www.bancontinental.com.py/
Redirect Chain
  • https://www.bancontinental.com.py/main.9c7eb5251ae6d4869eb8.js
  • https://www.bancontinental.com.py/
4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/
Protocol
HTTP/1.1
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
e0b2c5b4e555ad684d39b3eda65251fca6534c20ecb0f9473e9eb1e88a04a331
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:06:40 GMT
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Jul 2024 20:51:25 GMT
X-Frame-Options
DENY
Content-Type
text/html
Accept-Ranges
bytes
Content-Length
4505
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://www.bancontinental.com.py
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
BigIP
Connection
Keep-Alive
Content-Length
0
/
www.facebook.com/tr/ 		0
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		0
0
styles.77c73864abb670f9d39e.css
www.bancontinental.com.py/ 		345 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/styles.77c73864abb670f9d39e.css
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/#/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
aa860e6e5235979b3faf2a9c717b7c8868691449393f725c320d1d1f837af5fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:06:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:51:27 GMT
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
X-XSS-Protection
1; mode=block
vue.min.js
cdn.jsdelivr.net/npm/vue@2.6.12/dist/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.6.12/dist/vue.min.js
Requested by
Host: konecta-widget.netlify.app
URL: https://konecta-widget.netlify.app/konecta-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 11 Aug 2024 03:10:05 GMT
x-content-type-options
nosniff
content-encoding
br
age
865184
x-jsd-version
2.6.12
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
35673
x-served-by
cache-fra-eddf8230083-FRA
x-jsd-version-type
version
etag
W/"16de6-5V3x99bCiO5z1Dm6sm3QBv/uevM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
vue-beautiful-chat.umd.min.js
konecta-widget.net/widget/dist/ 		1 MB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Requested by
Host: konecta-widget.netlify.app
URL: https://konecta-widget.netlify.app/konecta-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
1854773b97a476d2ffd4e2739116639b059fb3c8aec0253d1663cac243a11e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4ZPM8BMXDM11GSG1AT8F11J
date
Sun, 11 Aug 2024 03:10:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
1627
cache-status
"Netlify Edge"; hit
etag
"633b144ce19d4116f4c07844f4db19cf-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
307936
js
www.googletagmanager.com/gtag/ 		273 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5TWPRJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b34636c2be2d78939036efea8aa44f16848a1c36676eca64bb6ce0ab71dcf62d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:10:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96482
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Aug 2024 03:10:05 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer
Requested by
Host: konecta-widget.net
URL: https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19daf56638c529def7859b37fe564685828ed20a64fd5294fd2a4089f63221ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:10:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96548
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Aug 2024 03:10:05 GMT
6036469aa2abc9a8dcabc326
konecta-widget.net/.netlify/functions/readWidgetByBotId/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://konecta-widget.net/.netlify/functions/readWidgetByBotId/6036469aa2abc9a8dcabc326
Requested by
Host: konecta-widget.net
URL: https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
42c5c3b6e1f49f81f7d42b9a121da2893f0df9ca5511e7520a0e039ed3e167a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4ZPM8J622XSXT9KXA6WCCP3
date
Sun, 11 Aug 2024 03:10:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000
netlify-vary
query
server
Netlify
age
1
cache-status
"Netlify Durable"; fwd=miss, "Netlify Edge"; fwd=miss
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
547 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Aug 2024 03:10:05 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b1507d6ff1b2c7e-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
/
www.googleadservices.com/pagead/conversion/10973773029/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10973773029/?random=1723345805920&cv=11&fst=1723345805920&bg=ffffff&guid=ON&async=1&gtm=45be4880z8889817420za201zb889817420&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bancontinental.com.py%2F&label=_yVJCKvcgKQYEOX52fAo&hn=www.googleadservices.com&frm=0&tiba=Banco%20Continental&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=840206108.1723345801&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10973773029&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
6455deb0f484d4f1ea008fcb264b2c88d40ce6e86748130d9c684b41d71c8523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Aug 2024 03:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1612
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
www.bancontinental.com.py/assets/images/logos/ 		5 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/assets/images/logos/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
85f220cb291da25059a9dd92e01431537befe5ca1972047dbc8283797031c1ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:06:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Last-Modified
Thu, 25 Jul 2024 20:37:28 GMT
X-Frame-Options
DENY
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4978
X-XSS-Protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10973773029/ 		0
0
common.js
maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/ 		294 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCwxkQ8WRvieSYTHPxxIzPLPc3aJpA_95s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a22bc65dbdd9b6bb8cb744abb8ad227c97112df7c67fbedfcb906c48ae118f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 20:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
284953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65149
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 20:00:53 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/ 		180 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCwxkQ8WRvieSYTHPxxIzPLPc3aJpA_95s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
902195d22f3a6125b8fb19d41eb66a4fcd2e5733a36c1b79077183dc80a05e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 20:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
284953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56057
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 20:00:53 GMT
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: konecta-widget.net
URL: https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd4346a722f73229419ca5e2a2902f05f182a432adb7eea2fad34ce01b8e4ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Aug 2024 03:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Aug 2024 01:48:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Aug 2024 03:10:06 GMT
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
549 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Aug 2024 03:10:06 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b1507d89fdf2c7e-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
image-6619905c7dd0914c5de804af
api.app.konecta.global/bucket/file/ 		0
0
image-60d62ec1c1adf97419830aa6
konecta-dev.s3.amazonaws.com/ 		0
0
vector.svg
konecta-widget.netlify.app/assets/ 		277 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://konecta-widget.netlify.app/assets/vector.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
a073e6c9c6e32f0f430135021227c7e2166ab49d9d4b48149a863d7b4d36efb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4ZPM8V3T3E1V88SQ9ZWS7QC
date
Sun, 11 Aug 2024 03:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
59594
cache-status
"Netlify Edge"; hit
etag
"5a43daf2bc05007232f03dde7ace5a66-ssl"
content-type
image/svg+xml
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
277
ContiSansRegular.3b30b25f8e38038e07af.woff
www.bancontinental.com.py/ 		16 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bancontinental.com.py/ContiSansRegular.3b30b25f8e38038e07af.woff
Requested by
Host: www.bancontinental.com.py
URL: https://www.bancontinental.com.py/styles.77c73864abb670f9d39e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
200.85.43.242 Mariano Roque Alonso, Paraguay, ASN23201 (Telecel S.A., PY),
Reverse DNS
mail.clubdedescuentos.com.py
Software
/
Resource Hash
02ef667594d8f80a8d7f9898abcd5abb9a36647347e8270a86526061e2e77bd4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bancontinental.com.py/styles.77c73864abb670f9d39e.css
Origin
https://www.bancontinental.com.py
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:06:42 GMT
Content-Security-Policy
default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Jul 2024 20:37:15 GMT
X-Frame-Options
DENY
Content-Type
font/woff
Accept-Ranges
bytes
Content-Length
16228
X-XSS-Protection
1; mode=block
enforce
4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/ 		11 B
547 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Aug 2024 03:10:06 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
8b1507d8d82b2c7e-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bancontinental.com.py
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:06:49 GMT
x-content-type-options
nosniff
age
345797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18588
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 03:06:49 GMT
web
api.app.konecta.global/message/ 		14 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.app.konecta.global/message/web?where[senderId]=9da3837c-2250-4a2c-6c30-0c84db7a463b&where[bot]=6036469aa2abc9a8dcabc326&skip=0&limit=200&integration=
Requested by
Host: konecta-widget.net
URL: https://konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c391d07d0d44e4959f32e22656c833d698c8cfa9087c7a3ae2d10736e9c0f93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bancontinental.com.py/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:10:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bancontinental.com.py
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4L2AL9NGscOou2t1cM%2BO3KZG%2Fb25DmRV13o4TxwPUF8V15IRzJ9vMDN8ilpbTy6Pa2Wxk7J0B5Cnp%2F%2FwWlfUDDHLc5TxSyGpu9lGt%2B%2FrFBNemkq3m%2BS45aGtE0SUgSFCItnB%2B%2F1WmEqEkyjdcftH7kQ1wTQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Type,Authorization,access_token,X-Time-Zone,x-company,x-key,x-forward-url,x-forward-path
cf-ray
8b1507da2d523aa2-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GKEZSV39SY&cid=1218800469.1723345801&gtm=45je4880v888515075z8889817420za200zb889817420&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=592659279
Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=370518553564513&ev=PageView&dl=https%3A%2F%2Fwww.bancontinental.com.py&rl=&if=false&ts=1723345801221&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.2.1723345801219.32989129818485571&pm=1&hrl=e78de8&ler=empty&cdl=API_unavailable&it=1723345801124&coo=false&cs_cc=1&cas=7892666427465345%2C6612952505394744%2C2034243383346719%2C2105550619570457&rqm=GET
Domain
www.facebook.com
URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=370518553564513&ev=PageView&dl=https%3A%2F%2Fwww.bancontinental.com.py&rl=&if=false&ts=1723345801221&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.2.1723345801219.32989129818485571&pm=1&hrl=e78de8&ler=empty&cdl=API_unavailable&it=1723345801124&coo=false&cs_cc=1&cas=7892666427465345%2C6612952505394744%2C2034243383346719%2C2105550619570457&rqm=FGET
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10973773029/?random=377171041&cv=11&fst=1723345805920&bg=ffffff&guid=ON&async=1&gtm=45be4880z8889817420za201zb889817420&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bancontinental.com.py%2F&label=_yVJCKvcgKQYEOX52fAo&hn=www.googleadservices.com&frm=0&tiba=Banco%20Continental&value=0&npa=1&pscdl=noapi&auid=840206108.1723345801&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&eitems=ChAI8J_ctQYQu7uN2PrT_rcKEh0APGgNLCJqATQ-PHWlHRyqZPPUiuEpK3UGCU1Eyw&pscrd=IhMI6ZTbtPvrhwMVma6DBx1X8gOwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiJodHRwczovL3d3dy5iYW5jb250aW5lbnRhbC5jb20ucHkv
Domain
api.app.konecta.global
URL
https://api.app.konecta.global/bucket/file/image-6619905c7dd0914c5de804af
Domain
konecta-dev.s3.amazonaws.com
URL
https://konecta-dev.s3.amazonaws.com/image-60d62ec1c1adf97419830aa6

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager object| google_tag_data object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal string| vueScript string| chatScript function| loadScript function| loadContainer function| loadContainerClass function| loadCss function| init object| webpackChunkweb_publica_continental object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| Vue object| webpackJsonpvue_beautiful_chat function| setImmediate function| clearImmediate object| regeneratorRuntime object| core object| vue-beautiful-chat function| gtag object| GooglebQhCsO

5 Cookies

Domain/Path Name / Value
.bancontinental.com.py/ Name: _gcl_au
Value: 1.1.840206108.1723345801
.bancontinental.com.py/ Name: _ga
Value: GA1.1.1218800469.1723345801
.bancontinental.com.py/ Name: _ga_GKEZSV39SY
Value: GS1.1.1723345801.1.0.1723345801.60.0.0
.bancontinental.com.py/ Name: _fbp
Value: fb.2.1723345801219.32989129818485571
.bancontinental.com.py/ Name: _ga_90S8VN8L2N
Value: GS1.1.1723345805.1.0.1723345805.0.0.0

27 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je4880v888515075z8889817420za200zb889817420&_p=1723345800950&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723345801&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1029' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je4880v888515075z8889817420za200zb889817420&_p=1723345800950&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723345801&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1029' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 212)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GKEZSV39SY&cid=1218800469.1723345801&gtm=45je4880v888515075z8889817420za200zb889817420&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
security error URL: https://www.bancontinental.com.py/#/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GKEZSV39SY&cid=1218800469.1723345801&gtm=45je4880v888515075z8889817420za200zb889817420&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=592659279' because it violates the following Content Security Policy directive: "img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net".
security error URL: https://www.bancontinental.com.py/#/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GKEZSV39SY&cid=1218800469.1723345801&gtm=45je4880v888515075z8889817420za200zb889817420&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=592659279' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
security error URL: https://www.bancontinental.com.py/#/
Message:
Refused to load the image 'https://www.facebook.com/tr/?id=370518553564513&ev=PageView&dl=https%3A%2F%2Fwww.bancontinental.com.py&rl=&if=false&ts=1723345801221&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.2.1723345801219.32989129818485571&pm=1&hrl=e78de8&ler=empty&cdl=API_unavailable&it=1723345801124&coo=false&cs_cc=1&cas=7892666427465345%2C6612952505394744%2C2034243383346719%2C2105550619570457&rqm=GET' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
security error URL: https://www.bancontinental.com.py/#/
Message:
Refused to load the image 'https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=370518553564513&ev=PageView&dl=https%3A%2F%2Fwww.bancontinental.com.py&rl=&if=false&ts=1723345801221&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.2.1723345801219.32989129818485571&pm=1&hrl=e78de8&ler=empty&cdl=API_unavailable&it=1723345801124&coo=false&cs_cc=1&cas=7892666427465345%2C6612952505394744%2C2034243383346719%2C2105550619570457&rqm=FGET' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
security error URL: https://www.bancontinental.com.py/#/
Message:
Refused to execute script from 'https://www.bancontinental.com.py/' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
security error URL: https://www.bancontinental.com.py/#/
Message:
Refused to execute script from 'https://www.bancontinental.com.py/' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c(Line 161)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-90S8VN8L2N&gtm=45je4880v884912942za200zb889817420&_p=1723345800950&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1723345805&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=5777' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c(Line 161)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-90S8VN8L2N&gtm=45je4880v884912942za200zb889817420&_p=1723345800950&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1723345805&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=5777' because it violates the document's Content Security Policy.
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
security error URL: https://www.bancontinental.com.py/#/
Message:
Refused to load the image 'https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10973773029/?random=377171041&cv=11&fst=1723345805920&bg=ffffff&guid=ON&async=1&gtm=45be4880z8889817420za201zb889817420&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bancontinental.com.py%2F&label=_yVJCKvcgKQYEOX52fAo&hn=www.googleadservices.com&frm=0&tiba=Banco%20Continental&value=0&npa=1&pscdl=noapi&auid=840206108.1723345801&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&eitems=ChAI8J_ctQYQu7uN2PrT_rcKEh0APGgNLCJqATQ-PHWlHRyqZPPUiuEpK3UGCU1Eyw&pscrd=IhMI6ZTbtPvrhwMVma6DBx1X8gOwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiJodHRwczovL3d3dy5iYW5jb250aW5lbnRhbC5jb20ucHkv' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
security error URL: https://www.bancontinental.com.py/#/
Message:
Refused to load the image 'https://api.app.konecta.global/bucket/file/image-6619905c7dd0914c5de804af' because it violates the following Content Security Policy directive: "img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net".
security error URL: https://www.bancontinental.com.py/#/
Message:
Refused to load the image 'https://api.app.konecta.global/bucket/file/image-6619905c7dd0914c5de804af' because it violates the following Content Security Policy directive: "img-src 'self' data: *.gstatic.com *.ggpht.com *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com konecta-widget.netlify.app maps.google.com www.googletagmanager.com".
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
security error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je4880v888515075za200zb889817420&_p=1723345800950&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1723345801&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=scroll&epn.percent_scrolled=90&_et=14&tfd=6070' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je4880v888515075za200zb889817420&_p=1723345800950&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1723345801&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=scroll&epn.percent_scrolled=90&_et=14&tfd=6070' because it violates the document's Content Security Policy.
network error URL: https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://api.app.konecta.global/message/web?where[senderId]=9da3837c-2250-4a2c-6c30-0c84db7a463b&where[bot]=6036469aa2abc9a8dcabc326&skip=0&limit=200&integration=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je4880v888515075za200zb889817420&_p=1723345800950&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1723345801&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=user_engagement&_et=9306&tfd=10352' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-GKEZSV39SY&l=dataLayer&cx=c(Line 213)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-GKEZSV39SY&gtm=45je4880v888515075za200zb889817420&_p=1723345800950&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1723345801&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=user_engagement&_et=9306&tfd=10352' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c(Line 161)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-90S8VN8L2N&gtm=45je4880v884912942za200zb889817420&_p=1723345800950&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1723345805&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=user_engagement&_et=4577&tfd=10355' because it violates the following Content Security Policy directive: "connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c(Line 161)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-90S8VN8L2N&gtm=45je4880v884912942za200zb889817420&_p=1723345800950&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1218800469.1723345801&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1723345805&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancontinental.com.py%2F&dt=Banco%20Continental&en=user_engagement&_et=4577&tfd=10355' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://googletagmanager.com https://konecta-widget.net https://www.posdigital.com.py https://konecta-widget.netlify.app https://maps.google.com https://maps.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.googleadservices.com https://googleads.g.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' cdn.jsdelivr.net fonts.googleapis.com tagmanager.google.com www.googletagmanager.com cdnjs.cloudflare.com; object-src 'none'; frame-src 'self' maps.google.com maps.googleapis.com www.googletagmanager.com https://td.doubleclick.net; child-src 'self' www.googletagmanager.com; img-src 'self' *.gstatic.com *.ggpht.com www.bancontinental.com.py *.googleapis.com cdn.jsdelivr.net konecta-dev.s3.amazonaws.com www.facebook.com www.google.com www.google.com.py googleads.g.doubleclick.net konecta-widget.netlify.app maps.google.com www.googletagmanager.com data: www.facebook.com https://www.google.com.py https://googleads.g.doubleclick.net; font-src 'self' cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com myfonts.com examplefontcdn.com newfontsource.com anotherfontsource.com https://cdnjs.cloudflare.com; connect-src 'self' wss://api.app.konecta.global api.app.konecta.global apibanking-gw.bancontinental.com.py cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com konecta-widget.net maps.google.com maps.googleapis.com www.googletagmanager.com https://analytics.google.com https://www.google-analytics.com https://firebase.googleapis.com https://firebaseinstallations.googleapis.com; manifest-src 'self'; base-uri 'self'; form-action 'self'; media-src 'self'; worker-src 'self'; report-uri https://4f3ee5342422311edfadb26851bf878a.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f3ee5342422311edfadb26851bf878a.report-uri.com
api.app.konecta.global
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
konecta-dev.s3.amazonaws.com
konecta-widget.net
konecta-widget.netlify.app
maps.googleapis.com
www.bancontinental.com.py
www.facebook.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.app.konecta.global
googleads.g.doubleclick.net
konecta-dev.s3.amazonaws.com
www.facebook.com
www.google.de
142.250.186.34
200.85.43.242
2606:4700:3108::ac42:2bbe
2606:4700::6811:180e
2606:4700::6811:d742
2a00:1450:4001:811::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42:600::485
2a05:d014:58f:6200::64
3.70.101.28
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
02ef667594d8f80a8d7f9898abcd5abb9a36647347e8270a86526061e2e77bd4
1854773b97a476d2ffd4e2739116639b059fb3c8aec0253d1663cac243a11e1a
19daf56638c529def7859b37fe564685828ed20a64fd5294fd2a4089f63221ab
20a57077097ed2afba456106b95814df3ebc7c24bc001028492f1b12683f4540
29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2
2a12af2f4277fff7be504c620ea917d9d54a31eb0deeffe0c4a509fcf7283b40
42c5c3b6e1f49f81f7d42b9a121da2893f0df9ca5511e7520a0e039ed3e167a5
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
5acfc9e53c158e4c34a3a3c79eb1a5313040be17f9925b5394b8ab5e60ac8b50
637624b54d78aef2925eb567d36e71b9502325e65e4e10122daf1637bde32a4e
6455deb0f484d4f1ea008fcb264b2c88d40ce6e86748130d9c684b41d71c8523
6c391d07d0d44e4959f32e22656c833d698c8cfa9087c7a3ae2d10736e9c0f93
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
85f220cb291da25059a9dd92e01431537befe5ca1972047dbc8283797031c1ab
8a1b2ea51398f2287cda524caf74bb15a371712541d60bd98ce78ee379ba766f
902195d22f3a6125b8fb19d41eb66a4fcd2e5733a36c1b79077183dc80a05e8b
a073e6c9c6e32f0f430135021227c7e2166ab49d9d4b48149a863d7b4d36efb9
a0a22bc65dbdd9b6bb8cb744abb8ad227c97112df7c67fbedfcb906c48ae118f
aa860e6e5235979b3faf2a9c717b7c8868691449393f725c320d1d1f837af5fe
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b34636c2be2d78939036efea8aa44f16848a1c36676eca64bb6ce0ab71dcf62d
bc5ddfd561d0c44014cc2383c1888cac488b3297190b8862599d1c29285a72af
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d44c5efc9372bb5ef39c55c85252a012cbc1b4455c2de682f85e7218a447e403
dd4346a722f73229419ca5e2a2902f05f182a432adb7eea2fad34ce01b8e4ba7
e0b2c5b4e555ad684d39b3eda65251fca6534c20ecb0f9473e9eb1e88a04a331
f0dc36a75483be3afb38326c663aef6eeb310d02d54f07ba7b5ca70b49f34763