https://www.bancoazteca.com.gt/BancoAztecaGua/

Scan ID:
bd23ac02-b3f7-4748-b18b-3c0422aecc1bFinished
Submitted URL:
https://www.bancoazteca.com.gt/BancoAztecaGua/
Report Finished:

Risks · 0 found

Practices that may pose security risks

  • No classification

Security Headers · 7 found

HTTP response headers that can harden the security of a web application

Learn more...
NameValueSupportInfo
Strict-Transport-Securitymax-age=31536000; includeSubDomains; preloadGoodDeclare that a website is only accessible over a secure connection (HTTPS).

Click to learn more...
X-Frame-OptionsSAMEORIGINGoodIndicate whether a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>.

Click to learn more...
X-Content-Type-OptionsnosniffGoodIndicate that the MIME types advertised in the Content-Type headers should be followed and not be changed.

Click to learn more...
Content-Security-Policydefault-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src 'self' 'unsafe-inline' https: http:; img-src 'self' 'unsafe-inline' data: https: http:; font-src 'self' 'unsafe-inline' https: http:; connect-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; GoodControl resources the user agent is allowed to load for a given page.

Click to learn more...
Referrer-Policysame-originGoodControl how much referrer information should be included with requests.

Click to learn more...
Clear-Site-DataGoodControl the data stored by a client browser for their origins.

Click to learn more...
X-Permitted-Cross-Domain-PoliciesGoodControl whether a web client such as Adobe Flash Player or Adobe Acrobat has permission to handle data across domains.

Click to learn more...
Permissions-Policycamera=(self); fullscreen=(self); geolocation=(self); gyroscope=(self); magnetometer=(self); microphone=(self); midi=(self); payment=(self); sync-xhr=(self)NewAllow and deny the use of browser features in a document or iframe.

Click to learn more...
Cross-Origin-Embedder-PolicyNewConfigure embedding cross-origin resources into the document.

Click to learn more...
Cross-Origin-Opener-PolicyNewEnsure a top-level document does not share a browsing context group with cross-origin documents.

Click to learn more...
Cross-Origin-Resource-PolicyNewRequest that the browser blocks no-cors cross-origin/cross-site requests to the given resource.

Click to learn more...
X-XSS-Protection1; mode=blockDeprecatedDeprecated. Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

Click to learn more...
Feature-PolicyDeprecatedDeprecated. Replaced by the Permissions-Policy header.

Click to learn more...
Expect-CTDeprecatedDeprecated. Opt in to reporting and/or enforcement of Certificate Transparency requirements.

Click to learn more...
Public-Key-PinsDeprecatedDeprecated. Allows HTTPS websites to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates.

Click to learn more...

Security Violations · 51 found

Requests or resources offending security policies

ViolationTypeInfo
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-GexoTwqrfltoTYPQfP1YMuzCCirtMj0aIYCrZRVxl4s='), or a nonce ('nonce-...') is required to enable inline execution.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtm.js?id=GTM-NGKZFWM' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=UA-160320509-1' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-q0kXijLVqc02OG1aPa64mflK9l30jIT+WkgJ827g5DI='), or a nonce ('nonce-...') is required to enable inline execution.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/BancoAztecaGua/resources/js/global.min.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/BancoAztecaGua/resources/js/jquery.smartbanner.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/BancoAztecaGua/resources/js/bazteca.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/BancoAztecaGua/resources/js/buscar.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/BancoAztecaGua/resources/js/altoiframe.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/BancoAztecaGua/resources/js/eyephish.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-R5gpWYQhqCpv16Mo196x/Pz4fNRx8M/DWm68HozAXXE='), or a nonce ('nonce-...') is required to enable inline execution.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/BancoAztecaGua/resources/js/divisas/inicio.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtag/js?id=UA-160320509-1
Description
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-Q0Q2G0Y3K3&l=dataLayer&cx=c&gtm=457e4bk0za200' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtag/js?id=UA-160320509-1
Description
[Report Only] Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtm.js?id=GTM-NGKZFWM
Description
[Report Only] Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1725846665.1732641639&auid=619664873.1732641639&npa=1&gtm=45He4bk0v830824256za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732641638783&tfd=5310&apve=1' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtm.js?id=GTM-NGKZFWM
Description
[Report Only] Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1725846665.1732641639&auid=619664873.1732641639&npa=1&gtm=45He4bk0v830824256za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732641638783&tfd=5310&apve=1' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtm.js?id=GTM-NGKZFWM
Description
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-MJ9JL4CYHN&l=dataLayer&cx=c&gtm=45He4bk0v830824256za200' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtm.js?id=GTM-NGKZFWM
Description
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/destination?id=AW-10798556993&l=dataLayer&cx=c&gtm=45He4bk0v830824256za200' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtm.js?id=GTM-NGKZFWM
Description
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-I7QkM3j/O/CSHbJqSF2p10TRWo+dxkO837tNyxjdiUk='), or a nonce ('nonce-...') is required to enable inline execution.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Description
[Report Only] Refused to load the script 'https://connect.facebook.net/en_US/fbevents.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/
Description
[Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "default-src 'self' data: blob:". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.google-analytics.com/analytics.js
Description
[Report Only] Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1472175132&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&ul=en-us&de=UTF-8&dt=Sitio%20Oficial%20%7C%20Banco%20Azteca%20Guatemala&sd=24-bit&sr=1x1&vp=790x600&je=0&_u=YEBAAUABAAAAACAAI~&jid=1746940832&gjid=808385055&cid=909462685.1732641639&tid=UA-160320509-1&_gid=1863291892.1732641639&_r=1&gtm=457e4bk0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&npa=1&z=1101954287' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtag/js?id=G-Q0Q2G0Y3K3&l=dataLayer&cx=c&gtm=457e4bk0za200
Description
[Report Only] Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-Q0Q2G0Y3K3&gtm=45je4bk0v9125672844za200&_p=1732641636901&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=909462685.1732641639&ul=en-us&sr=1x1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1732641639&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&dt=Sitio%20Oficial%20%7C%20Banco%20Azteca%20Guatemala&en=page_view&_fv=1&_ss=1&tfd=6430' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtag/js?id=G-Q0Q2G0Y3K3&l=dataLayer&cx=c&gtm=457e4bk0za200
Description
[Report Only] Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-Q0Q2G0Y3K3&gtm=45je4bk0v9125672844za200&_p=1732641636901&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=909462685.1732641639&ul=en-us&sr=1x1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1732641639&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&dt=Sitio%20Oficial%20%7C%20Banco%20Azteca%20Guatemala&en=page_view&_fv=1&_ss=1&tfd=6430' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtag/js?id=G-Q0Q2G0Y3K3&l=dataLayer&cx=c&gtm=457e4bk0za200
Description
[Report Only] Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q0Q2G0Y3K3&cid=909462685.1732641639&gtm=45je4bk0v9125672844za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtag/js?id=G-Q0Q2G0Y3K3&l=dataLayer&cx=c&gtm=457e4bk0za200
Description
[Report Only] Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q0Q2G0Y3K3&cid=909462685.1732641639&gtm=45je4bk0v9125672844za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the image 'https://www.google.es/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q0Q2G0Y3K3&cid=909462685.1732641639&gtm=45je4bk0v9125672844za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2107129844' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/
Description
[Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "default-src 'self' data: blob:". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtag/destination?id=AW-10798556993&l=dataLayer&cx=c&gtm=45He4bk0v830824256za200
Description
[Report Only] Refused to load the script 'https://www.googleadservices.com/pagead/conversion/10798556993/?random=1732641640604&cv=11&fst=1732641640604&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9178922742z8830824256za201zb830824256&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1&u_h=1&url=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&label=Visita_Sitio&hn=www.googleadservices.com&frm=0&tiba=Sitio%20Oficial%20%7C%20Banco%20Azteca%20Guatemala&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=619664873.1732641639&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&rfmt=3&fmt=4' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtag/js?id=G-MJ9JL4CYHN&l=dataLayer&cx=c&gtm=45He4bk0v830824256za200
Description
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-MJ9JL4CYHN&gtm=45je4bk0v9101033166z8830824256za200zb830824256&_p=1732641636901&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=909462685.1732641639&ul=en-us&sr=1x1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1732641640&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&dt=Sitio%20Oficial%20%7C%20Banco%20Azteca%20Guatemala&en=page_view&_fv=1&_ss=1&tfd=7710' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.googletagmanager.com/gtag/js?id=G-MJ9JL4CYHN&l=dataLayer&cx=c&gtm=45He4bk0v830824256za200
Description
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-MJ9JL4CYHN&gtm=45je4bk0v9101033166z8830824256za200zb830824256&_p=1732641636901&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=909462685.1732641639&ul=en-us&sr=1x1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1732641640&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&dt=Sitio%20Oficial%20%7C%20Banco%20Azteca%20Guatemala&en=page_view&_fv=1&_ss=1&tfd=7710' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/eBankingWeb/js/encriptacion/pidcrypt_c.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://connect.facebook.net/en_US/fbevents.js
Description
[Report Only] Refused to load the script 'https://connect.facebook.net/signals/config/2837456839804853?v=2.9.176&r=stable&domain=www.bancoazteca.com.gt&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-jUb5krGt8vv47JDpw92o4rOUDkYiWQlKnkP2dmLVa6c='), or a nonce ('nonce-...') is required to enable inline execution.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the image 'https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10798556993/?random=1775831615&cv=11&fst=1732641640604&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9178922742z8830824256za201zb830824256&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1&u_h=1&url=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&label=Visita_Sitio&hn=www.googleadservices.com&frm=0&tiba=Sitio%20Oficial%20%7C%20Banco%20Azteca%20Guatemala&value=0&npa=1&pscdl=noapi&auid=619664873.1732641639&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECCKXGsQI&eitems=ChEIgICWugYQv9barp6arprkARIdAMRLdDw56C9GHOmByh2Ej32LECxbuELlFuomD1U&pscrd=IhMIp_qdjMH6iQMVi2JBAh1g6QDoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQldDaEVJZ0lDV3VnWVFzN3FwdFBhS19MM0RBUklzQUZRUW5icGdseEh6emI5UmhzUThOM1Y5a1VYazkyUEpNd0o2X1FhTEZMYzJ2bzNFTUE4RHUxbktWcTA' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-a/eIoxaqnB/koi8ml2hBYX9cqRuKpbDlxgqQGQ3jRu8='), or a nonce ('nonce-...') is required to enable inline execution.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-3/iklU9lxO6XlawBEG/XJVLpLBjHY05eoD3sPCqN8hQ='), or a nonce ('nonce-...') is required to enable inline execution.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the image 'https://www.facebook.com/tr/?id=2837456839804853&ev=PageView&dl=https%3A%2F%2Fwww.bancoazteca.com.gt&rl=&if=false&ts=1732641643325&sw=1&sh=1&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.2.1732641643283.19715705282748237&cs_est=true&pm=1&hrl=a0f5b3&ler=empty&cdl=API_unavailable&it=1732641641626&coo=false&cs_cc=1&cas=7398590950254247&rqm=GET' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-/IGhFy1L9/V2IZMtZKgtZuWGmVb9PTqNHIoznfoND94='), or a nonce ('nonce-...') is required to enable inline execution.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=37394093' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/eBankingWeb/js/encriptacion/pidcrypt_util_c.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/eBankingWeb/js/encriptacion/asn1_c.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/eBankingWeb/js/encriptacion/jsbn_c.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/eBankingWeb/js/encriptacion/rng_c.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/eBankingWeb/js/encriptacion/prng4_c.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/eBankingWeb/js/encriptacion/rsa_c.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/eBankingWeb/js/encriptacion/base_64.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-UKA9S8/anDVt/XXjB6Rh46AteKg1xAUZYM5TFECmfzc='), or a nonce ('nonce-...') is required to enable inline execution.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/eBankingWeb/security/login.jsp
Description
[Report Only] Refused to load the script 'https://www.bancoazteca.com.gt/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=42&cb=1741975675' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the image 'https://www.google.com/pagead/1p-conversion/10798556993/?random=1775831615&cv=11&fst=1732641640604&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9178922742z8830824256za201zb830824256&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1&u_h=1&url=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&label=Visita_Sitio&hn=www.googleadservices.com&frm=0&tiba=Sitio%20Oficial%20%7C%20Banco%20Azteca%20Guatemala&value=0&npa=1&pscdl=noapi&auid=619664873.1732641639&uaa=...uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECCKXGsQI&pscrd=IhMIp_qdjMH6iQMVi2JBAh1g6QDoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQldDaEVJZ0lDV3VnWVFzN3FwdFBhS19MM0RBUklzQUZRUW5icGdseEh6emI5UmhzUThOM1Y5a1VYazkyUEpNd0o2X1FhTEZMYzJ2bzNFTUE4RHUxbktWcTA&is_vtc=1&cid=CAQSGwCa7L7dYnpJgkQA_I4tuL2Z-vXNrx02AsYT4Q&eitems=ChEIgICWugYQv9barp6arprkARIdAMRLdDwS_96KQlL_4LBaSVNdqnhGbUcqtNSD6PM&random=161406246' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...
Resource
https://www.bancoazteca.com.gt/BancoAztecaGua/
Description
[Report Only] Refused to load the image 'https://www.google.es/pagead/1p-conversion/10798556993/?random=1775831615&cv=11&fst=1732641640604&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9178922742z8830824256za201zb830824256&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1&u_h=1&url=https%3A%2F%2Fwww.bancoazteca.com.gt%2FBancoAztecaGua%2F&label=Visita_Sitio&hn=www.googleadservices.com&frm=0&tiba=Sitio%20Oficial%20%7C%20Banco%20Azteca%20Guatemala&value=0&npa=1&pscdl=noapi&auid=619664873.1732641639&uaa=&...&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECCKXGsQI&pscrd=IhMIp_qdjMH6iQMVi2JBAh1g6QDoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQldDaEVJZ0lDV3VnWVFzN3FwdFBhS19MM0RBUklzQUZRUW5icGdseEh6emI5UmhzUThOM1Y5a1VYazkyUEpNd0o2X1FhTEZMYzJ2bzNFTUE4RHUxbktWcTA&is_vtc=1&cid=CAQSGwCa7L7dYnpJgkQA_I4tuL2Z-vXNrx02AsYT4Q&eitems=ChEIgICWugYQv9barp6arprkARIdAMRLdDwS_96KQlL_4LBaSVNdqnhGbUcqtNSD6PM&random=161406246&ipr=y' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
Content Security PolicyControl resources the user agent is allowed to load for a given page.

Click to learn more...

Certificates · 7 found

SSL/TLS Certificates enable websites to encrypt transactions between the client and the server and provide server identity verification

SubjectIssue dateExpiry date
www.bancoazteca.com.gtMar 6, 2024, 00:00:00Apr 6, 2025, 23:59:59
*.google-analytics.comOct 21, 2024, 08:36:57Jan 13, 2025, 08:36:56
www.google.comOct 21, 2024, 08:38:45Jan 13, 2025, 08:38:44
*.facebook.comSep 4, 2024, 00:00:00Dec 3, 2024, 23:59:59
*.g.doubleclick.netOct 21, 2024, 08:36:57Jan 13, 2025, 08:36:56
*.google.esOct 21, 2024, 08:39:31Jan 13, 2025, 08:39:30
www.googleadservices.comOct 21, 2024, 08:38:19Jan 13, 2025, 08:38:18