___          _____  _____    __  ____  ____       _ 
  / _ \        / ____||_   _|  / _||___ \|___ \     | |
 | | | |__  __| (___    | |   | |_   __) | __) |  __| |
 | | | |\ \/ / \___ \   | |   |  _| |__ < |__ <  / _` |
 | |_| | >  <  ____) | _| |_  | |   ___) |___) || (_| |
  \___/ /_/\_\|_____/ |_____| |_|  |____/|____/  \__,_|
                          ______                       
                         |______|                      

$:> Add a new phishing / malware campaign into 0xSI_f33d
$:> < The Portuguese Abuse Open Feed >
$:> by seguranca-informatica.pt $:> $:> help $:> This feed compiles phishing and malware campaigns targeting only Portuguese citizens $:> su root $root:> Use the hashtag: #0xSI_f33d

- - - - - - - - - - - - - Submit a new campaign - - - - - - - - - - - - -

Add the URL:
Add the category:
Add a tag:


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


Friends of 0xSI_F33d

$:> These organizations use data submitted to and verified by 0xSI_f33d.


Are you using 0xSI_f33d data, but not listed here?
Let us know so we can share the good news with the 0xSI_f33d community.


Infographic: Threat Report Portugal Q3 2020

$:> Visit the publication here.

$:> history | grep "infographic"
-Q1 2020 Infographic
-Q2 2020 Infographic
-Q3 2020 Infographic



$:> Download the printable version: PDF or PNG
$:> Thanks, by root


API documentation

API is available at https://feed.seguranca-informatica.pt/api.php and will return a CSV or JSON response.
API is free but account creation is required. After that, the API token will be sent to your email.
Please note that running a massive amount of queries in a short time will get you blocked and/or banned.

$:> If you need a API token, please contact us here.


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

By default, only last year submitions are returned. Examples on how to use the API can be found below.

$:> Parameters highlighted with red color are mandatory.



Example

Key | Value

fromfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today

possible values: {today;yesterday;last-3-days;last-week;last-month;last-6-months;last-year}
formatfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=csv
feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw

possible values: {csv;json;raw}
tagfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware

possible values: only the available 0xSI_f33d tags
title_or_urlfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware&title_or_url=amazon

example 1: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&title_or_url=banco
example 2: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt
example 3: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt&tag=phishing


Returned list example: {id,url,domain,data,ip,mx,cname,vt_url,img_url,id_user,id_tag,info}


For integration with security appliances, firewalls or spam engines, we recommend using the raw format:

$:> feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw (get domain by line)

$:> Get in touch, or swing by for a cup of coffee.




 :$> Found a phishing website? See if it's in the 0xSI_f33d ;)

  
DateURLCategoryTagVirus TotalSubmited by
2021-02-25https://ia601509.us.archive.org/26/items/index_20210221_1922/index.h... [ ] phishingphishing anonymous
2021-02-25https://icas-bisaro.utad.pt/wp-includes/Requests/Utility/empresa/mob... [ ] phishingphishing 0x_bot-si_f33d
2021-02-25https://kyklos-it.com/wp-admin/js/--/https:/edp.pt/Particulares/?cli... [ ] phishingEDP anonymous
2021-02-24https://maputogal.com/rh3mu8.rar [ ] malwaremalware 0x_bot-si_f33d
2021-02-24http://termofilmpeliculas.pt/ovh/mail.ovh.co.ukV3/W/ [ ] phishingphishing 0x_bot-si_f33d
2021-02-24http://termofilmpeliculas.pt/ovh/mail.ovh.co.ukV3/W [ ] phishingphishing 0x_bot-si_f33d
2021-02-24http://carzone.deve.pt/s3zpciz99.rar [ ] malwaremalware 0x_bot-si_f33d
2021-02-24http://trypar.deve.pt/cd2vg1b.zip [ ] malwaremalware 0x_bot-si_f33d
2021-02-24https://hopelessversed.com/ [ ] phishingMB WAY anonymous
2021-02-24http://5.206.227.104/mofile.exe [ ] malwaremalware 0x_bot-si_f33d
2021-02-24https://vegasvirtualagent.com/mb-mobile.pt/F004f19441/22788001c.php?... [ ] phishingMB WAY anonymous
2021-02-24https://be-fit.pt/befit/wp-admin/maint/-- [ ] phishingphishing 0x_bot-si_f33d
2021-02-24https://olx.pl-portal.cam/ssl/millenium.php [ ] phishingbanking 0x_bot-si_f33d
2021-02-24https://woodchatmolly.com/kpTdjytI.php?65weq4f564f564qf321ff654wfewf... phishingbpi @sirpedrotavares
2021-02-24https://woodchatmolly.com/kpTdjytI.php?65weq4f564f564qf321ff654wfewf... phishingbpi @sirpedrotavares
2021-02-23http://jealouspassage.com/kpTdjytI.php?65weq4fe564fw321fw564fw5f64wq... [ ] phishingbpi anonymous
2021-02-23continentebomdia.com [ ] phishingphishing 0x_bot-si_f33d
2021-02-23https://gtc-pt.com/cgbin [ ] phishingphishing 0x_bot-si_f33d
2021-02-23https://cefalife.com/MBwey [ ] phishingMB WAY anonymous
2021-02-23https://sleee21.utad.pt/wp-content/plugins/yxloias/gejjds/grant/Gran... [ ] phishingphishing 0x_bot-si_f33d
2021-02-23http://pt-olx.me/ [ ] phishingphishing 0x_bot-si_f33d
2021-02-22http://epalvito.com/ds/2202.gif [ ] phishingphishing 0x_bot-si_f33d
2021-02-22http://epalvito.com/ds/2102.gif [ ] phishingphishing 0x_bot-si_f33d
2021-02-22http://188.251.74.46:1161/Mozi.m [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-02-22https://olx.pt-id562089.site/cash59992972 [ ] phishingphishing anonymous
2021-02-21novo-cliente-santander.online [ ] phishingsantander 0x_bot-si_f33d
2021-02-21credita-agricola.com phishingcaixa-agricola 0x_bot-si_f33d
2021-02-21https://manuelcostamelo.pt/components/com_content/views/archive/tmpl... [ ] phishingphishing 0x_bot-si_f33d
2021-02-20https://miraclemoor.eu/wp-admin/css/--/https:/www.ansr.pt/?cliente=x... [ ] phishingphishing anonymous
2021-02-19https://track.link-hit.info/click phishingphishing @sirpedrotavares
2021-02-19https://tracking.correctionsystem.win/pt/entregafex/ [ ] phishingphishing anonymous
2021-02-19bpi-banking.net [ ] phishingbpi 0x_bot-si_f33d
2021-02-19netbancoempresa.online [ ] phishingsantander 0x_bot-si_f33d
2021-02-19cibancoinforma.online [ ] phishingsantander 0x_bot-si_f33d
2021-02-18https://mail.phosphorland.pt/apd9tn.tar [ ] malwaremalware 0x_bot-si_f33d
2021-02-18http://5.206.227.101/private/slim.exe [ ] malwaremalware 0x_bot-si_f33d
2021-02-17http://olx-pt.pays-access.com/ [ ] phishingphishing 0x_bot-si_f33d
2021-02-17ctt-post-portugal.com [ ] phishingCTT 0x_bot-si_f33d
2021-02-17redis-cttpost.com [ ] phishingCTT 0x_bot-si_f33d
2021-02-17http://facebook.mystand.pt/ubz24w61.rar [ ] malwaremalware 0x_bot-si_f33d
2021-02-17https://shipprime.sendtocollectionpoint.win/pt/ips/?p=175&cep=HyYWPz... [ ] phishingphishing anonymous
2021-02-16http://192.95.2.164 [ ] malwareURSA/mispadu anonymous
2021-02-16http://144.217.17.185/ [ ] malwareURSA/mispadu anonymous
2021-02-16http://185.150.117.93 [ ] malwareURSA/mispadu anonymous
2021-02-16https://weizink.com/d0a6eff58d3ba8c480a081b20088e1d7/ [ ] phishingbanking anonymous
2021-02-16http://jimdog2.cloudaccess.host/templates/beez3/Alerte [ ] phishingMB WAY anonymous
2021-02-16millenniumbcp-cancelar.com phishingmillennium 0x_bot-si_f33d
2021-02-16millenniumbcp-pt-alerta.com [ ] phishingmillennium 0x_bot-si_f33d
2021-02-16http://www.guardarunners.pt/wp-content/Host_IkaBCwUo229.bin [ ] malwaremalware 0x_bot-si_f33d
2021-02-16https://closeneighborhood.com/ [ ] phishingMB WAY anonymous
2021-02-15pt-id562089.site [ ] phishingphishing 0x_bot-si_f33d
2021-02-15ideapt-arrendar-casas876000mapapt.xyz [ ] phishingphishing 0x_bot-si_f33d
2021-02-15bpinetpt.com phishingbpi 0x_bot-si_f33d
2021-02-14ideptcasasportugal-01293771.icu [ ] phishingphishing 0x_bot-si_f33d
2021-02-14pt-totta.com [ ] phishingsantander 0x_bot-si_f33d
2021-02-13https://mbway-desbloquear.id-392.com [ ] phishingMB WAY anonymous
2021-02-13http://85.241.39.182:40587/i [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-02-11http://autorpauloschmidt.com/s260xm.tar [ ] malwaremalware 0x_bot-si_f33d
2021-02-11https://autorpauloschmidt.com/s260xm.tar [ ] malwaremalware 0x_bot-si_f33d
2021-02-11http://millennium-bcp-alerta.com [ ] phishingmillennium anonymous
2021-02-10https://storage.googleapis.com/mystorage2021/P-2-19.dll malwareLampion @sirpedrotavares
2021-02-10https://storage.googleapis.com/mystorage2021/0.zip malwareLampion @sirpedrotavares
2021-02-10http://5.188.9.28 malwareLampion anonymous
2021-02-10http://5.188.9.28/ phishingbanking @sirpedrotavares
2021-02-10millennium-bcp-alerta.com [ ] phishingmillennium 0x_bot-si_f33d
2021-02-10millenniumbcp-alerta-pt.com [ ] phishingmillennium 0x_bot-si_f33d
2021-02-10https://www.webuzz.com.pt/office/dhl_top/cmd-login=7152cc9e332ccb53d... [ ] phishingphishing 0x_bot-si_f33d
2021-02-09bpi-portugal.com [ ] phishingbpi 0x_bot-si_f33d
2021-02-09millennium-bcp.link [ ] phishingmillennium 0x_bot-si_f33d
2021-02-09https://comprovativo-millenniumbcp.nettweb5.com [ ] phishingmillennium anonymous
2021-02-09https://farrishustlez.com/pkerkmt3.php?65w4eqf654ef321ef546fewqfwffh... [ ] phishingbpi anonymous
2021-02-09http://mbway.id-27002.com [ ] phishingMB WAY anonymous
2021-02-09https://dao.international/wp-admin/--/https:/ind.millenniumbcp.pt/Pa... [ ] phishingmillennium @sirpedrotavares
2021-02-09https://ads-bcp.com/site/choose.php [ ] phishingmillennium @sirpedrotavares
2021-02-09https://protezionesalute.it/wp-admin/css/https:/www.bancobpi.pt/Part... [ ] phishingbpi @sirpedrotavares
2021-02-09https://pantrykitchen.co.za/wp-admin/css/--/https:/www.creditoagrico... [ ] phishingcaixa-agricola @sirpedrotavares
2021-02-08millenniumbcp-alert.com [ ] phishingmillennium 0x_bot-si_f33d
2021-02-08http://188.251.71.208:2919/Mozi.m [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-02-08https://wizink-online-cartao.com/PT820119576/8ed1fe57d1ecedfeae3a97b... [ ] phishingphishing anonymous
2021-02-06idealistapt-apartamento0129-casas012931.xyz [ ] phishingphishing 0x_bot-si_f33d
2021-02-04https://dobuy-online.com/M-B-Way [ ] phishingMB WAY anonymous
2021-02-04wizink-clientes-netbanco-particulares.com [ ] phishingbanking 0x_bot-si_f33d
2021-02-04https://wizink-particulares-cartao.com/PT834750338 [ ] phishingphishing anonymous
2021-02-04https://ads-credit.com/choose.php [ ] phishingcaixa-agricola anonymous
2021-02-03idealistapt-info231protecao-012911apartamento1.xyz [ ] phishingphishing 0x_bot-si_f33d
2021-02-03http://alnujaifi-portal.com/ds/3101.gif [ ] malwaremalware 0x_bot-si_f33d
2021-02-01https://heberhalf.com/wp-content/plugins/imsanity/libs/jss/ [ ] phishingCTT anonymous
2021-02-01grupo-santander.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-31idealistapt-casas183113-avisoinfo10318.xyz phishingphishing 0x_bot-si_f33d
2021-01-30https://yenisenelcorap.com/wp-chnfes.html [ ] phishingphishing anonymous
2021-01-30http://85.241.39.182:33252/i malwareSatori/Mirai 0x_bot-si_f33d
2021-01-28https://lesggespouly.com/7mkCTmOP.php [ ] phishingbpi anonymous
2021-01-28https://yofricana.com/wp-admin/js/https:/www.creditoagricola.pt/ [ ] phishingcaixa-agricola anonymous
2021-01-28https://spinshipments.com/cc/pt/?dom=transferclicks.com&cep=s7Fx19_5... [ ] phishingCTT anonymous
2021-01-28evs-ctt-post-pt.net [ ] phishingCTT 0x_bot-si_f33d
2021-01-28evs-ctt-post-pt.net [ ] phishingCTT 0x_bot-si_f33d
2021-01-28https://electronic-messagecom.com:443/28012021/ [ ] malwarebanking anonymous
2021-01-27https://azoresalive.com/wea92k.rar [ ] malwareUrsnif 0x_bot-si_f33d
2021-01-27http://85.240.220.211:1363/Mozi.m [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-01-27worten.club [ ] phishingWorten 0x_bot-si_f33d
2021-01-27http://admin.ffauto.pt/ew4bx7fpy.rar [ ] malwaremalware 0x_bot-si_f33d
2021-01-27https://stainedjabot.com/wp-includes/iryR9fdy.php?56we4qf654f65fq321... [ ] phishingbpi anonymous
2021-01-27http://admin.jpcar.mystand.pt/occb6nxz4.rar [ ] malwaremalware 0x_bot-si_f33d


$:> history
-- (Only the last 30 days are presented here. For more details and IoCs please use the search field or the 0xSI_f33d API) --