Friends of 0xSI_F33d
$:> These organizations use data submitted to and verified by 0xSI_f33d.
Are you using 0xSI_f33d data, but not listed here?
Let us know so we can share the good news with the 0xSI_f33d community.
___ _____ _____ __ ____ ____ _
/ _ \ / ____||_ _| / _||___ \|___ \ | |
| | | |__ __| (___ | | | |_ __) | __) | __| |
| | | |\ \/ / \___ \ | | | _| |__ < |__ < / _` |
| |_| | > < ____) | _| |_ | | ___) |___) || (_| |
\___/ /_/\_\|_____/ |_____| |_| |____/|____/ \__,_|
______
|______|
$:> Add a new phishing / malware campaign into 0xSI_f33d
$:> < The Portuguese Abuse Open Feed >
$:> by seguranca-informatica.pt $:> $:> help $:> This feed compiles phishing and malware campaigns targeting only Portuguese citizens $:> su root $root:> Use the hashtag: #0xSI_f33d
$:> These organizations use data submitted to and verified by 0xSI_f33d.
Are you using 0xSI_f33d data, but not listed here?
Let us know so we can share the good news with the 0xSI_f33d community.
$:> Visit the publication here.
$:> history | grep "infographic"
-Q1 2020 Infographic
-Q2 2020 Infographic
-Q3 2020 Infographic
$:> If you need a API token, please contact us here.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
By default, only last year submitions are returned. Examples on how to use the API can be found below.
$:> Parameters highlighted with red color are mandatory.
Example | Key | Value |
| from | feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today possible values: {today;yesterday;last-3-days;last-week;last-month;last-6-months;last-year} |
| format | feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=csv feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw possible values: {csv;json;raw} |
| tag | feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware possible values: only the available 0xSI_f33d tags |
| title_or_url | feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware&title_or_url=amazon example 1: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&title_or_url=banco example 2: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt example 3: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt&tag=phishing |
Returned list example: {id,url,domain,data,ip,mx,cname,vt_url,img_url,id_user,id_tag,info}
For integration with security appliances, firewalls or spam engines, we recommend using the raw format:
$:> feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw (get domain by line)$:> Get in touch, or swing by for a cup of coffee.
| Date | URL | Category | Tag | Virus Total | Submited by |
|---|---|---|---|---|---|
| 2021-04-17 | pt34correios-ctt-pt.com [  ] | phishing | CTT |  | 0x_bot-si_f33d |
| 2021-04-17 | https://office.discountweblink.com/PT/957123651623/?click_id=bBtL6VN... [  ] | phishing | phishing | | anonymous |
| 2021-04-16 | https://psicologodotrabalho.com/DDhFONYrxclvBT7.php [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-04-14 | https://message.discountweblink.com [  ] | phishing | phishing | | anonymous |
| 2021-04-14 | https://malbecediciones.es/webmail.pt.lu/pt.lu [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-04-13 | https://trackpp.locatedeliverypoint.link/ [  ] | phishing | phishing | | anonymous |
| 2021-04-13 | https://lifetarget.com.pt/hWNJhFYiJ.php [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-04-13 | https://psicologodotrabalho.com/zSdd64ga.php [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-04-13 | https://office.discountweblink.com/PT/ [  ] | phishing | phishing | | anonymous |
| 2021-04-13 | https://uitc.com.pk/OS7uCNsbP18wIQocimzA9zk3ctkzMRYclWMnj5F0wDm4TQX3... [  ] | phishing | millennium | | anonymous |
| 2021-04-13 | https://metalexpert.pl/app/ [  ] | phishing | PayPal | | anonymous |
| 2021-04-12 | http://185.38.142.194/SBIDIOT/arm6 [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-04-12 | http://185.38.142.194/sh [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-04-12 | millennium-bcpf.com | phishing | millennium | | 0x_bot-si_f33d |
| 2021-04-11 | indmillenniumcp-pt.page [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-04-11 | appmilleniumnbcp.online | phishing | millennium | | 0x_bot-si_f33d |
| 2021-04-11 | http://amazon.com-confirmation.account-update.information-login.mail... [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-04-10 | bpi-cadastro.com [  ] | phishing | bpi | | 0x_bot-si_f33d |
| 2021-04-10 | bpi-sms.com [  ] | phishing | bpi | | 0x_bot-si_f33d |
| 2021-04-10 | https://foundation.ama-alshayaschools.com/wp-includes/-/MARKET/MARKE... [  ] | phishing | phishing | | anonymous |
| 2021-04-10 | https://go2.link-track.top/824986f3-6f15-40a2-8575-754969ecabc4?clic... [  ] | phishing | phishing | | anonymous |
| 2021-04-10 | https://trackpp.locatedeliverypoint.link/pt/ips/?p=175&cep=nzvlK2ER8... [  ] | phishing | phishing | | anonymous |
| 2021-04-09 | https://fourtrk.com/lp/adsblock_b/?clickid=3727859154417297762&pid=3... [  ] | phishing | phishing | | anonymous |
| 2021-04-08 | https://appmilleniumnbcpt.serveirc.com/ [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-04-07 | https://www.rockportportugal.pt/ [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-04-07 | https://correios-ctt-particulares.com/5dd705884607a75283b970e097e005... [  ] | phishing | phishing | | anonymous |
| 2021-04-07 | particulares-ctt-35-pt.com [  ] | phishing | CTT | | 0x_bot-si_f33d |
| 2021-04-07 | http://85.241.39.182:50701/bin.sh [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-04-07 | http://185.38.142.236/bin_TcwPEm122.bin [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-04-07 | http://185.38.142.236/bin_evxJDh93.bin [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-04-07 | http://85.241.39.182:50701/i [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-04-06 | https://millenniumapp-pt.servepics.com/ [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-04-06 | http://www.telefac.pt/po [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-04-05 | millennium-bcp.net [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-04-05 | ideeali019pt-arrendamentosportugal010039-imovel9100.xyz [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-04-05 | millenium-bcp.com | phishing | millennium | | 0x_bot-si_f33d |
| 2021-04-05 | http://185.38.142.236/bin_JFrqLH46.bin [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-04-05 | https://zaharaagiftshop.co.ke/LFf0n8xCNnE6dbNXMqZNrOywT5OME0cQ68Gj63... [  ] | phishing | phishing | | anonymous |
| 2021-04-03 | https://santander.currentacc-security.com/Login.php
[  ] | phishing | santander | | 0x_bot-si_f33d |
| 2021-04-03 | worten.dev [  ] | phishing | Worten | | 0x_bot-si_f33d |
| 2021-04-02 | https://esentedministe.com/CTT/particulares-/ATR480X/Home/Metodo_de_... [  ] | phishing | CTT | | anonymous |
| 2021-04-01 | santander.page [  ] | phishing | santander | | 0x_bot-si_f33d |
| 2021-04-01 | https://ind-milleniubcp.myvnc.com [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-04-01 | https://ind-milleniubcp.myvnc.com/_layouts/BCP.SDC.FEP.Foundation.Pr... [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-03-31 | https://apspluz.pt/t4uocgyb.rar [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-31 | http://148.69.108.177:34628/.i [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-31 | https://millennium.bcp-online.com/site/choose.php [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-03-31 | https://millennium.onlinebcp.net/site/choose.php [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-03-30 | http://archive-admin.museubandasfilarmonicas.pt/assets/plugins/jquer... [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-03-29 | https://gmpaladinos.pt/y8mbffurz.tar [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-29 | https://pixelware.pt/km2wq9ud.tar [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-29 | https://radioafifense.deploys.live/g05rasj9h.rar [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-29 | https://neio.eypikeliena.tech/o/uid/YWR1Y29zdGFAc2Fwby5wdA== [  ] | phishing | phishing | | anonymous |
| 2021-03-29 | https://if.janabadra.ac.id/wp-admin/css/--/https:/ind.millenniumbcp.... [  ] | phishing | millennium | | anonymous |
| 2021-03-28 | cadastro-santa24h.com [  ] | phishing | santander | | 0x_bot-si_f33d |
| 2021-03-28 | http://5.206.227.81/private/slim.exe [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-28 | http://188.93.233.223/5160f288a2be6fa683d27ea76ce7715dce5ec0ee.exe [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-27 | http://188.93.233.223/0d83482657508424b4030ad4448e226067b51106.exe [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-27 | https://avalongroup.com.pk/a16KTxU4Oceh8cFUdUl9GuF043j4CjMdaInt69oLb... [  ] | phishing | novobanco | | anonymous |
| 2021-03-27 | caixadirectaonline.com [  ] | phishing | cgd | | 0x_bot-si_f33d |
| 2021-03-27 | ideaalipt-imobiliariasarrendamentos02-0283733.xyz [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-03-26 | millenniumbcp.page [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-03-26 | http://matinal-nominal.pt/kdhw08pfb.rar [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-26 | online-cadastro.com | phishing | banking | | 0x_bot-si_f33d |
| 2021-03-25 | http://85.242.253.235:40120/.i [  ] | malware | Satori/Mirai | | 0x_bot-si_f33d |
| 2021-03-25 | caixa-directaonline.com [  ] | phishing | cgd | | 0x_bot-si_f33d |
| 2021-03-25 | http://archive-admin.museubandasfilarmonicas.pt/assets/plugins/jquer... [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-03-25 | https://matinal-nominal.pt/kdhw08pfb.rar [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-25 | https://pedido-track-paquete-online-web.com/ctt/ [  ] | phishing | CTT | | anonymous |
| 2021-03-24 | https://praiseunlike.com/ctt/ [  ] | phishing | CTT | | anonymous |
| 2021-03-24 | https://pedrasamarelas.pt/SECURE/9ije/ [  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-03-24 | http://188.93.233.59/1.exe [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-24 | caixadirecta-online.com | phishing | cgd | | 0x_bot-si_f33d |
| 2021-03-24 | millenniumbcppt.app [  ] | phishing | millennium | | 0x_bot-si_f33d |
| 2021-03-24 | https://sklep.alplast.com.pl/test/bi/bancobpi/ [  ] | phishing | bpi | | @sirpedrotavares |
| 2021-03-24 | https://package-co.umbler.net/-/in.php [  ] | phishing | bpi | | anonymous |
| 2021-03-23 | http://aquidelrey.pt/xx/index.html
[  ] | phishing | phishing | | 0x_bot-si_f33d |
| 2021-03-23 | https://caixa.directa-online.com [  ] | phishing | cgd | | anonymous |
| 2021-03-23 | particulares-ctt-pt.com [  ] | phishing | CTT | | 0x_bot-si_f33d |
| 2021-03-23 | https://lp.crossfit4475.pt/phpmailer/docs/H5Bx7GX3vV3b0N7.php [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-22 | https://intavejegej.ml/ [  ] | phishing | MB WAY | | anonymous |
| 2021-03-22 | https://www.loy.pt/pqwqgsir.tar [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-22 | http://5.206.227.104/mofile.exe [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-22 | https://res192.servconfig.com/~heidijakov/styles/-/market/dhl/MARKET... [  ] | phishing | phishing | | anonymous |
| 2021-03-22 | http://asiaaquatixs.com/log [  ] | phishing | banking | | anonymous |
| 2021-03-22 | particulares-sant-pt.com | phishing | santander | | 0x_bot-si_f33d |
| 2021-03-22 | http://188.93.233.223/proxy1.exe [  ] | malware | malware | | 0x_bot-si_f33d |
| 2021-03-20 | http://millenniumbcp.departamentoscl.com/ | phishing | millennium | | anonymous |
$:> history -- (Only the last 30 days are presented here. For more details and IoCs please use the search field or the 0xSI_f33d API) -- |