fbechara.com.br Open in urlscan Pro
177.11.50.160  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/post.php Page URL
2. https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	post.php fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/	170 B 252 B	3719ms 2900ms	Document text/html	177.11.50.160 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/post.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.11.50.160 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS host50-160.viabrs.com.br Software Apache / PHP/5.3.29 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-type text/html date Thu, 28 Sep 2023 09:27:39 GMT server Apache x-powered-by PHP/5.3.29
GET H2	200	Primary Request password.php Show response fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/	3 MB 3 MB	510ms 510ms	Document text/html	177.11.50.160 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/post.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.11.50.160 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS host50-160.viabrs.com.br Software Apache / PHP/5.3.29 Resource Hash 15e3b2389c6a53ccb6fe3a415a5f2a301fe50963ef3f2103e7d39dd75c0a5519 Request headers Referer https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/post.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-type text/html date Thu, 28 Sep 2023 09:27:42 GMT server Apache x-powered-by PHP/5.3.29
GET H2	200	styles.78d0977667eb10da76e9.css fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/	123 KB 123 KB	754ms 753ms	Stylesheet text/css	177.11.50.160 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/styles.78d0977667eb10da76e9.css Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.11.50.160 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS host50-160.viabrs.com.br Software Apache / Resource Hash 9e0b156c7dcf0c25c5124ccfd6abf0f00cc1fd0951c6a3b13a75fd34423107ae Request headers accept-language de-DE,de;q=0.9 Referer https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 09:27:43 GMT last-modified Wed, 27 Sep 2023 14:03:08 GMT server Apache accept-ranges bytes content-length 125659 content-type text/css
GET H2	200	keyboardLowerCaseLowContrast.png fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/Resources/images/	0 41 B	260ms 259ms	Image text/html	177.11.50.160 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/Resources/images/keyboardLowerCaseLowContrast.png Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.11.50.160 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS host50-160.viabrs.com.br Software Apache / PHP/5.3.29 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 09:27:44 GMT server Apache x-powered-by PHP/5.3.29 content-length 0 content-type text/html
GET H2	200	logo_positivo_login-big.7fbf6085ff7e5bd66307.png digitalbanking.1firstbank.com/	4 KB 5 KB	1080ms 586ms	Image image/png	45.60.243.223 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://digitalbanking.1firstbank.com/logo_positivo_login-big.7fbf6085ff7e5bd66307.png Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.243.223 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 603c1e2294dbcbe88ddc591d9821a240265908ca32e76ec55166afee2a6a33eb Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com *.doubleclick.net gstatic.com www.google.com.pr *.siteimprove.com m.youtube.com prisma.infocorpdemos.com *.facebook.com cdn.userway.org *.google.com cdn.jsdelivr.net www.gstatic.com region1.google-analytics.com googleapis.com translate.google.com www.google-analytics.com digitalbanking.1firstbank.com ssl.google-analytics.com *.googleapis.com www.google.co.vi google.com *.1firstbank.com fonts.gstatic.com www.1firstbank.com *.gstatic.com api.userway.org www.googletagmanager.com digitalpilot.1firstbank.com; frame-ancestors 'self' google.com author-p64062-e536422.adobeaemcloud.com googleapis.com 1firstbank.com gstatic.com www.google.com digitalbanking.1firstbank.com digitalpilot.1firstbank.com Strict-Transport-Security max-age=31536000 X-Content-Security-Policy default-src 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; style-src 'unsafe-inline' 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; script-src 'self' 'unsafe-eval' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; img-src 'self' data: www.google.com www.gstatic.com digitalpilot.1firstbank.com 192.168.44.166 prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com .infocorpgroup.com demosbanking.infocorpgroup.com ; font-src 'self' data:; frame-ancestors 'self' www.messenger.com X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM https://www.messenger.com/ X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fbechara.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 28 Sep 2023 09:27:44 GMT x-content-type-options nosniff content-security-policy default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com *.doubleclick.net gstatic.com www.google.com.pr *.siteimprove.com m.youtube.com prisma.infocorpdemos.com *.facebook.com cdn.userway.org *.google.com cdn.jsdelivr.net www.gstatic.com region1.google-analytics.com googleapis.com translate.google.com www.google-analytics.com digitalbanking.1firstbank.com ssl.google-analytics.com *.googleapis.com www.google.co.vi google.com *.1firstbank.com fonts.gstatic.com www.1firstbank.com *.gstatic.com api.userway.org www.googletagmanager.com digitalpilot.1firstbank.com; frame-ancestors 'self' google.com author-p64062-e536422.adobeaemcloud.com googleapis.com 1firstbank.com gstatic.com www.google.com digitalbanking.1firstbank.com digitalpilot.1firstbank.com x-cdn Imperva content-security-policy-report-only default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report x-iinfo 6-34806504-34806516 NNNN CT(131 272 0) RT(1695893264334 31) q(0 0 4 6) r(6 6) U12 content-length 4310 x-xss-protection 1; mode=block last-modified Tue, 29 Aug 2023 18:41:23 GMT server Microsoft-IIS/10.0 etag "7ec84969a8dad91:0" x-frame-options ALLOW-FROM https://www.messenger.com/ content-type image/png x-incap-sess-cookie-hdr jSCLXi4F9G+Q4hDSUSiYAxBHFWUAAAAAnCB16lYZoD3zmYbx3EXDiA== accept-ranges bytes x-content-security-policy default-src 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; style-src 'unsafe-inline' 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; script-src 'self' 'unsafe-eval' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; img-src 'self' data: www.google.com www.gstatic.com digitalpilot.1firstbank.com 192.168.44.166 prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com .infocorpgroup.com demosbanking.infocorpgroup.com ; font-src 'self' data:; frame-ancestors 'self' www.messenger.com
GET H2	200	persona.bad0c0e73cbad9fced63.png digitalbanking.1firstbank.com/	1 MB 1 MB	1075ms 581ms	Image image/png	45.60.243.223 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://digitalbanking.1firstbank.com/persona.bad0c0e73cbad9fced63.png Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.243.223 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash df5dd22127c4ef6415aae0b0297a844f6711915ffb7e71c86ecf7dd16a9f5c7e Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com *.doubleclick.net gstatic.com www.google.com.pr *.siteimprove.com m.youtube.com prisma.infocorpdemos.com *.facebook.com cdn.userway.org *.google.com cdn.jsdelivr.net www.gstatic.com region1.google-analytics.com googleapis.com translate.google.com www.google-analytics.com digitalbanking.1firstbank.com ssl.google-analytics.com *.googleapis.com www.google.co.vi google.com *.1firstbank.com fonts.gstatic.com www.1firstbank.com *.gstatic.com api.userway.org www.googletagmanager.com digitalpilot.1firstbank.com; frame-ancestors 'self' google.com author-p64062-e536422.adobeaemcloud.com googleapis.com 1firstbank.com gstatic.com www.google.com digitalbanking.1firstbank.com digitalpilot.1firstbank.com Strict-Transport-Security max-age=31536000 X-Content-Security-Policy default-src 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; style-src 'unsafe-inline' 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; script-src 'self' 'unsafe-eval' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; img-src 'self' data: www.google.com www.gstatic.com digitalpilot.1firstbank.com 192.168.44.166 prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com .infocorpgroup.com demosbanking.infocorpgroup.com ; font-src 'self' data:; frame-ancestors 'self' www.messenger.com X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM https://www.messenger.com/ X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fbechara.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 28 Sep 2023 09:27:44 GMT x-content-type-options nosniff content-security-policy default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com *.doubleclick.net gstatic.com www.google.com.pr *.siteimprove.com m.youtube.com prisma.infocorpdemos.com *.facebook.com cdn.userway.org *.google.com cdn.jsdelivr.net www.gstatic.com region1.google-analytics.com googleapis.com translate.google.com www.google-analytics.com digitalbanking.1firstbank.com ssl.google-analytics.com *.googleapis.com www.google.co.vi google.com *.1firstbank.com fonts.gstatic.com www.1firstbank.com *.gstatic.com api.userway.org www.googletagmanager.com digitalpilot.1firstbank.com; frame-ancestors 'self' google.com author-p64062-e536422.adobeaemcloud.com googleapis.com 1firstbank.com gstatic.com www.google.com digitalbanking.1firstbank.com digitalpilot.1firstbank.com x-cdn Imperva content-security-policy-report-only default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report x-iinfo 6-34806504-34806515 NNNN CT(128 276 0) RT(1695893264334 32) q(0 0 4 -1) r(6 6) U12 content-length 1514160 x-xss-protection 1; mode=block last-modified Tue, 29 Aug 2023 18:41:24 GMT server Microsoft-IIS/10.0 etag "3a6c7569a8dad91:0" x-frame-options ALLOW-FROM https://www.messenger.com/ content-type image/png x-incap-sess-cookie-hdr x3/0fW9FbgOQ4hDSUSiYAxBHFWUAAAAA5MZMWRDG/iyZIgxJxQTgyg== accept-ranges bytes x-content-security-policy default-src 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; style-src 'unsafe-inline' 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; script-src 'self' 'unsafe-eval' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; img-src 'self' data: www.google.com www.gstatic.com digitalpilot.1firstbank.com 192.168.44.166 prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com .infocorpgroup.com demosbanking.infocorpgroup.com ; font-src 'self' data:; frame-ancestors 'self' www.messenger.com
GET H2	200	din-regular-webfont.7b7a5d0acbdf89ba29e7.woff2 fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/fonts/	10 KB 10 KB	254ms 254ms	Font font/woff2	177.11.50.160 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/fonts/din-regular-webfont.7b7a5d0acbdf89ba29e7.woff2 Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/styles.78d0977667eb10da76e9.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.11.50.160 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS host50-160.viabrs.com.br Software Apache / Resource Hash fa10e688206d34d4b293b1524cc091415c551daae4b73e3cc68d7398408edf62 Request headers Referer https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/styles.78d0977667eb10da76e9.css Origin https://fbechara.com.br accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 09:27:44 GMT last-modified Wed, 27 Sep 2023 14:03:08 GMT server Apache accept-ranges bytes content-length 9872 content-type font/woff2
GET DATA	200 OK	truncated /	4 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 15a480c8b1aa63949382aba261830da644b48b55ba4e018f25926151d3fe7a33 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	311 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 745ed3283ebdc6b81132f2d0712e8573dd9536a82d105398cc740f76847618fd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	244 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0190a699120b3f1b6dacc0b3e9c63ee00c56d7636e3d98fc245f6c7750c73775 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/jpeg
GET		runtime-es2015.c932c89f2a9918c915a2.js digitalbanking.1firstbank.com/	0 0
GET		polyfills-es2015.e5337edb0c03f4329807.js digitalbanking.1firstbank.com/	0 0
GET H2	200	scripts.dcb54f8925a643cd5303.js Show response digitalbanking.1firstbank.com/	400 KB 155 KB	805ms 593ms	Script application/javascript	45.60.243.223 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://digitalbanking.1firstbank.com/scripts.dcb54f8925a643cd5303.js Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.243.223 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 1290038c5dbf2a32c0f57dc768c3c5406b0ff86f20fafffe4146de1a946f5337 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com *.doubleclick.net gstatic.com www.google.com.pr *.siteimprove.com m.youtube.com prisma.infocorpdemos.com *.facebook.com cdn.userway.org *.google.com cdn.jsdelivr.net www.gstatic.com region1.google-analytics.com googleapis.com translate.google.com www.google-analytics.com digitalbanking.1firstbank.com ssl.google-analytics.com *.googleapis.com www.google.co.vi google.com *.1firstbank.com fonts.gstatic.com www.1firstbank.com *.gstatic.com api.userway.org www.googletagmanager.com digitalpilot.1firstbank.com; frame-ancestors 'self' google.com author-p64062-e536422.adobeaemcloud.com googleapis.com 1firstbank.com gstatic.com www.google.com digitalbanking.1firstbank.com digitalpilot.1firstbank.com Strict-Transport-Security max-age=31536000 X-Content-Security-Policy default-src 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; style-src 'unsafe-inline' 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; script-src 'self' 'unsafe-eval' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; img-src 'self' data: www.google.com www.gstatic.com digitalpilot.1firstbank.com 192.168.44.166 prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com .infocorpgroup.com demosbanking.infocorpgroup.com ; font-src 'self' data:; frame-ancestors 'self' www.messenger.com X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM https://www.messenger.com/ X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fbechara.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Thu, 28 Sep 2023 09:27:44 GMT x-cdn Imperva content-security-policy default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com *.doubleclick.net gstatic.com www.google.com.pr *.siteimprove.com m.youtube.com prisma.infocorpdemos.com *.facebook.com cdn.userway.org *.google.com cdn.jsdelivr.net www.gstatic.com region1.google-analytics.com googleapis.com translate.google.com www.google-analytics.com digitalbanking.1firstbank.com ssl.google-analytics.com *.googleapis.com www.google.co.vi google.com *.1firstbank.com fonts.gstatic.com www.1firstbank.com *.gstatic.com api.userway.org www.googletagmanager.com digitalpilot.1firstbank.com; frame-ancestors 'self' google.com author-p64062-e536422.adobeaemcloud.com googleapis.com 1firstbank.com gstatic.com www.google.com digitalbanking.1firstbank.com digitalpilot.1firstbank.com content-security-policy-report-only default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report x-iinfo 6-34806504-34806518 NNNN CT(129 270 0) RT(1695893264334 39) q(0 0 4 -1) r(6 6) U12 x-xss-protection 1; mode=block last-modified Tue, 29 Aug 2023 18:41:24 GMT server Microsoft-IIS/10.0 etag "bbd68d69a8dad91:0" vary Accept-Encoding x-frame-options ALLOW-FROM https://www.messenger.com/ content-type application/javascript x-incap-sess-cookie-hdr TRcuU0ejo2yQ4hDSUSiYAxBHFWUAAAAAbiuy3VRc1QbqZsbq3n3Vmg== accept-ranges bytes x-content-security-policy default-src 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; style-src 'unsafe-inline' 'self' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; script-src 'self' 'unsafe-eval' www.google.com www.gstatic.com prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com digitalpilot.1firstbank.com 192.168.44.166 .infocorpgroup.com ; img-src 'self' data: www.google.com www.gstatic.com digitalpilot.1firstbank.com 192.168.44.166 prisma.infocorpdemos.com *.twitter.com connect.facebook.net *.twimg.com .infocorpgroup.com demosbanking.infocorpgroup.com ; font-src 'self' data:; frame-ancestors 'self' www.messenger.com
GET		main-es2015.94a09754644d9477b61d.js digitalbanking.1firstbank.com/	0 0
GET H2	200	_Incapsula_Resource Show response digitalbanking.1firstbank.com/	144 KB 21 KB	35ms 35ms	Script application/javascript	45.60.243.223 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://digitalbanking.1firstbank.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1525723894 Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.243.223 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash d3f5374c2dabb46d1702ae184a27e70e46f7a54232fabd4e6803ddd9014d0bb2 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com *.doubleclick.net gstatic.com www.google.com.pr *.siteimprove.com m.youtube.com prisma.infocorpdemos.com *.facebook.com cdn.userway.org *.google.com cdn.jsdelivr.net www.gstatic.com region1.google-analytics.com googleapis.com translate.google.com www.google-analytics.com digitalbanking.1firstbank.com ssl.google-analytics.com *.googleapis.com www.google.co.vi google.com *.1firstbank.com fonts.gstatic.com www.1firstbank.com *.gstatic.com api.userway.org www.googletagmanager.com digitalpilot.1firstbank.com; frame-ancestors 'self' google.com author-p64062-e536422.adobeaemcloud.com googleapis.com 1firstbank.com gstatic.com www.google.com digitalbanking.1firstbank.com digitalpilot.1firstbank.com Request headers accept-language de-DE,de;q=0.9 Referer https://fbechara.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-security-policy default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com *.doubleclick.net gstatic.com www.google.com.pr *.siteimprove.com m.youtube.com prisma.infocorpdemos.com *.facebook.com cdn.userway.org *.google.com cdn.jsdelivr.net www.gstatic.com region1.google-analytics.com googleapis.com translate.google.com www.google-analytics.com digitalbanking.1firstbank.com ssl.google-analytics.com *.googleapis.com www.google.co.vi google.com *.1firstbank.com fonts.gstatic.com www.1firstbank.com *.gstatic.com api.userway.org www.googletagmanager.com digitalpilot.1firstbank.com; frame-ancestors 'self' google.com author-p64062-e536422.adobeaemcloud.com googleapis.com 1firstbank.com gstatic.com www.google.com digitalbanking.1firstbank.com digitalpilot.1firstbank.com cache-control no-cache, no-store content-encoding gzip x-robots-tag noindex content-length 20418 content-security-policy-report-only default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report content-type application/javascript
GET H2	200	streamline.2d5f53188be47dba20c8.woff fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/fonts/	0 18 B	255ms 255ms	Font text/html	177.11.50.160 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/fonts/streamline.2d5f53188be47dba20c8.woff?19c5cw Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/styles.78d0977667eb10da76e9.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.11.50.160 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS host50-160.viabrs.com.br Software Apache / PHP/5.3.29 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/styles.78d0977667eb10da76e9.css Origin https://fbechara.com.br accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 09:27:44 GMT server Apache x-powered-by PHP/5.3.29 content-length 0 content-type text/html
GET H2	200	streamline.770a8e407612555286ef.ttf fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/fonts/	0 41 B	296ms 296ms	Font text/html	177.11.50.160 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/fonts/streamline.770a8e407612555286ef.ttf?19c5cw Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/styles.78d0977667eb10da76e9.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.11.50.160 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS host50-160.viabrs.com.br Software Apache / PHP/5.3.29 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/styles.78d0977667eb10da76e9.css Origin https://fbechara.com.br accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 09:27:45 GMT server Apache x-powered-by PHP/5.3.29 content-length 0 content-type text/html
GET H2	200	_Incapsula_Resource fbechara.com.br/	0 18 B	255ms 255ms	Image text/html	177.11.50.160 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL https://fbechara.com.br/_Incapsula_Resource?SWKMTFSR=1&e=0.9925346064790095 Requested by Host: fbechara.com.br URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.11.50.160 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS host50-160.viabrs.com.br Software Apache / PHP/5.3.29 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 09:27:45 GMT server Apache x-powered-by PHP/5.3.29 content-length 0 content-type text/html
GET H2	200	version.json Show response fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/	0 18 B	254ms 254ms	XHR text/html	177.11.50.160 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/version.json?reqId=1 Requested by Host: digitalbanking.1firstbank.com URL: https://digitalbanking.1firstbank.com/scripts.dcb54f8925a643cd5303.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.11.50.160 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS host50-160.viabrs.com.br Software Apache / PHP/5.3.29 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 09:27:45 GMT server Apache x-powered-by PHP/5.3.29 content-length 0 content-type text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

digitalbanking.1firstbank.com

URL

https://digitalbanking.1firstbank.com/runtime-es2015.c932c89f2a9918c915a2.js

Domain

digitalbanking.1firstbank.com

URL

https://digitalbanking.1firstbank.com/polyfills-es2015.e5337edb0c03f4329807.js

Domain

digitalbanking.1firstbank.com

URL

https://digitalbanking.1firstbank.com/main-es2015.94a09754644d9477b61d.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: First BanCorp (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| submit function| clone function| initializeIndex function| addVersionToUrl function| getVersion function| Color function| Chart function| qq object| CryptoJS object| icb

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fbechara.com.br/	1970-01-20 15:04:53	Name: ___utmvc Value: 9CfnU+PPWC9psvGZnWSkUUIXPcm+9KZ/F5xehzGehfcHhWB6wEaWVMlbl9HJgQMHYfn5d4U4dlBPScS9jfmwPf+2AB3WawB6CVOgLaGzrucmr5JSLvav0MX/NA7heo2neU0hDVE25maXGQ5U20RQQFiozmXU63uHpXrBLaa/ar/0ZIB51C+OoV1Y1/Xll1slpoJXc8f9yspey6QpU2mB8w8ONgY5Soy1CtpCaJ34gePX6L3qKpuO3NahPisseGDAFkjh6smkJjP84v2BSSq4N5NcjsSkTEGL+YeXNJ5r9MSUuBTikhhGDvdbJ5YWHnKm0MB9C2YUcus1A1DZjW4UZm9suD634bcVcmuZXM1l8YcBTRvg2rm42fTcEmuFoHfNJpuVY2XUEnQuh08P7NMGchL7nzYQNJaV47hc/NgB4pjopPpbSY2xRSJburwrg4ry+BzPPkMLMS2ESaidJP/nonJ5FpBGhSHM1KpFpM8oMduzQAeruOlCTJPkaWIYcRKkLbnYmZQD80rqGbaRZpvf7MwzmenPtwsNCb5pkGdOUO/qrz9LnfpsJV9OP424UuqXMgK1fynuVIu+ayryiwZheOtY6QxqarudNF/zB3jSn30llPnDQZa4X7Z7bR6t9kKw8out2gsr+BrAwSZxfx28vCfzgPVf3zRAl38M3oFdmVqDJJva1IkwcR4Rfaq6H2R3foDeU4eJw+k/5IXvfnbBXepOk45zYX0suDhqRstIBgNAWKG1vlMwxd7dxkUdu3I0o5z52dQBiIG82C23W1tNiVLSFuO4uxMZgnfjZRzYrjg3Gpn8CXZ4GjYX0Y9NSLk/O8+CZRPN8z7p1zFy1xZHxTSXt38eWVcj3ruEaqhy3fkwCdjLfOZ7Fcu5Dp/LIXjez6kv5ZFINj1xffCnJUUaE9ie8xZgdFdRIqRBKxzMgR/pWg+DBHXzrBwsqnqobJigRUW3NXlHsRbZ2Z4liguwapvom0z4jPheGRLRdCyf5TZMILSmWjaRHgNa5mJO+4BGi1BeN5Tnd0/I/b8wnMPBJvuaaVF3vvKPr2OV9xuhvMAkZEZV/1bB1Z8C5fPa8XEvX9YEP6qCHNAEeSa8Q0v3YW9IDjfi0ef+ADHzcstEjzkoGd9cCPvGtduO/bBtaF9bmVw6x/nTuS8+8Z9sHAOtHlTSlQsJJVsEx1kj7sloWRWBotEomMgN6V9kfyDBSdJsvEcpZJRKnCpT1Ls9hQ4kBBJgzE4OXSVzoaI2/CBk4s3ycysJr1vB3LL+LnPSILnWb/0gdWP1tssgs9MizatnGpEHsjYMKpwdYl247XeHSM99E8+YkqTkQrYw6+iWXy0jQvLgZ6UfDwCS7hqPrByVx3DeSLTbMpaDfb99vGTQJ9YWZG/UFmK8AHRFu7EDkG94MlwZ+Aq9R62EPBi/AT1UUOdQc0mj3EzAgZdcc8O2YU7fLudxF9EKzbEutODQIwEj1Er623osDff3bTX8RZ3dYLfdvqGvi07BYTskGuitYhjDwPigap2cmbWORbm8aG5Lct00Xp9oG21XCuwx91FpvGbza7FoYGqi9nwDfFkM9VbugQGXN12Rea1XRV7lqZIV4Qhb75KKoGTY2eABQ3HMkmTage+pJQnQ9K4IZJvE3Z3a+EZGKe3OQEQv9w+PBnBusH/8884SHlHcl76cpqtgtGSoEIDvWc4eg/UwlmiwjcpsdKBrU7AczBn2ULophYOY1JG+I/lLy0fxkOrkDsgeV6epoOt6vTWrFJnLksN7bhFCZpLFnfiFnk8vvQ8dRPgDFSHR1cVKsrlEyw8Cby736abFXNzZ2LqypJoMYdPl6uozuSxj1GCK/N5sgJDE+2MtF0A67DQabyCotWl7csDYzHEaz1sqhJ1nLCXVJzW5QO6rOV1HoSkrWArh1F6SYOMTgE2up8rMbJhVpC0+3gk8USOag8f8LYMbyHoHYg7+bW+XhVOBZCo7xgKzbOV3U8iUVYqvV48iNStusRL9eKAY1OxV/Wzg02XgjbDDXwbO7UMHamKMf7i5NcffnQQ7GWGsGkd8pkIIqUG/qfBDNf+/xSZC/T5btMxwXQ9pzcKQQf8grCuU648P4u+aDVQLJSeJkhPkLXEx0lmgD2Wegydsq1fFRyXeoIBOkdPRJKfKzB9lhmRj0ZpX2nsH/tBvT/36JGXechnNyoXOspPIOWC1xAj/c+mFAYLtakxiWoZ4SND0gICNAkDPyeQL+MkoXfcrfgoIStsJVpT77PcABpuAOrTN0RL7g8u+UvjQvGujrv1hDLfjAaQrnnvUzqqTJ14TcdKld1wwTgut0Dswff8rx/nOSC0CIllclZWFD8kHEnGMAQnbQ1pPu712cgmpOk3Gytz78H7cfOyLIAGMsvFpWwbKTGuJIS70Z3uLqkwqrz8wbpOFbir0DQCLiJaRgUuIb0KYMUKUrJmfW6B0C89ol1V8dwUSDiWtlyDRfLcKh57HIKA5014VfLaykYw6UsBU/5TP82+i+X611+wmFVSs/gA8bTFrMT7rwFzybdniCTkdv4oB1QaNLgmFNfKZKx5ZshDW1kYwHPxsayS+iCUVgn/nrDW+WbdByCGbFCR5X4kdIcvBV9X2N1XowaXuBiXsxAv/gtyn4HkNEk4YZOxjqc1Ssh4LSFaaR/N08BTCKiV8xhAAoZejjBX2WGYaHsJmLgGJPo1aXCvwLUWrWK8ilb9092SJJ9Mwxwjdvje0kX00ErRRnip8Gy09RrGCag5LViMh3Qbx4pr57zCEDvHL6uC+oNGjfjyS5+4MAi2ZLAOkYxd2uWiOFTy86n42FA0CLCAELGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Message: Failed to decode downloaded font: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/fonts/streamline.2d5f53188be47dba20c8.woff?19c5cw
other	warning	URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Message: Failed to decode downloaded font: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/css/fonts/streamline.770a8e407612555286ef.ttf?19c5cw
javascript	error	URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Message: Access to script at 'https://digitalbanking.1firstbank.com/main-es2015.94a09754644d9477b61d.js' from origin 'https://fbechara.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digitalbanking.1firstbank.com/main-es2015.94a09754644d9477b61d.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Message: Access to script at 'https://digitalbanking.1firstbank.com/runtime-es2015.c932c89f2a9918c915a2.js' from origin 'https://fbechara.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digitalbanking.1firstbank.com/runtime-es2015.c932c89f2a9918c915a2.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fbechara.com.br/ed/1first/first/76233ee33ca5a4e0f0c220b975cc5182/password.php?response_type=code&client_id=BTN=dynamic-key&trace=_WYw4LfoOXI&_ga=2.193305194.657462726.1689520220-885338833.1687196481 Message: Access to script at 'https://digitalbanking.1firstbank.com/polyfills-es2015.e5337edb0c03f4329807.js' from origin 'https://fbechara.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digitalbanking.1firstbank.com/polyfills-es2015.e5337edb0c03f4329807.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

digitalbanking.1firstbank.com
fbechara.com.br
digitalbanking.1firstbank.com
177.11.50.160
45.60.243.223
0190a699120b3f1b6dacc0b3e9c63ee00c56d7636e3d98fc245f6c7750c73775
1290038c5dbf2a32c0f57dc768c3c5406b0ff86f20fafffe4146de1a946f5337
15a480c8b1aa63949382aba261830da644b48b55ba4e018f25926151d3fe7a33
15e3b2389c6a53ccb6fe3a415a5f2a301fe50963ef3f2103e7d39dd75c0a5519
603c1e2294dbcbe88ddc591d9821a240265908ca32e76ec55166afee2a6a33eb
745ed3283ebdc6b81132f2d0712e8573dd9536a82d105398cc740f76847618fd
9e0b156c7dcf0c25c5124ccfd6abf0f00cc1fd0951c6a3b13a75fd34423107ae
d3f5374c2dabb46d1702ae184a27e70e46f7a54232fabd4e6803ddd9014d0bb2
df5dd22127c4ef6415aae0b0297a844f6711915ffb7e71c86ecf7dd16a9f5c7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa10e688206d34d4b293b1524cc091415c551daae4b73e3cc68d7398408edf62