___          _____  _____    __  ____  ____       _ 
  / _ \        / ____||_   _|  / _||___ \|___ \     | |
 | | | |__  __| (___    | |   | |_   __) | __) |  __| |
 | | | |\ \/ / \___ \   | |   |  _| |__ < |__ <  / _` |
 | |_| | >  <  ____) | _| |_  | |   ___) |___) || (_| |
  \___/ /_/\_\|_____/ |_____| |_|  |____/|____/  \__,_|
                          ______                       
                         |______|                      

$:> Add a new phishing / malware campaign into 0xSI_f33d
$:> < The Portuguese Abuse Open Feed >
$:> by seguranca-informatica.pt $:> $:> help $:> This feed compiles phishing and malware campaigns targeting only Portuguese citizens $:> su root $root:> Use the hashtag: #0xSI_f33d

- - - - - - - - - - - - - Submit a new campaign - - - - - - - - - - - - -

Add the URL:
Add the category:
Add a tag:


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


Friends of 0xSI_F33d

$:> These organizations use data submitted to and verified by 0xSI_f33d.


Are you using 0xSI_f33d data, but not listed here?
Let us know so we can share the good news with the 0xSI_f33d community.


Infographic: Threat Report Portugal Q3 2020

$:> Visit the publication here.

$:> history | grep "infographic"
-Q1 2020 Infographic
-Q2 2020 Infographic
-Q3 2020 Infographic



$:> Download the printable version: PDF or PNG
$:> Thanks, by root


API documentation

API is available at https://feed.seguranca-informatica.pt/api.php and will return a CSV or JSON response.
API is free but account creation is required. After that, the API token will be sent to your email.
Please note that running a massive amount of queries in a short time will get you blocked and/or banned.

$:> If you need a API token, please contact us here.


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

By default, only last year submitions are returned. Examples on how to use the API can be found below.

$:> Parameters highlighted with red color are mandatory.



Example

Key | Value

fromfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today

possible values: {today;yesterday;last-3-days;last-week;last-month;last-6-months;last-year}
formatfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=csv
feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw

possible values: {csv;json;raw}
tagfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware

possible values: only the available 0xSI_f33d tags
title_or_urlfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware&title_or_url=amazon

example 1: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&title_or_url=banco
example 2: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt
example 3: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt&tag=phishing


Returned list example: {id,url,domain,data,ip,mx,cname,vt_url,img_url,id_user,id_tag,info}


For integration with security appliances, firewalls or spam engines, we recommend using the raw format:

$:> feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw (get domain by line)

$:> Get in touch, or swing by for a cup of coffee.




 :$> Found a phishing website? See if it's in the 0xSI_f33d ;)

  
DateURLCategoryTagVirus TotalSubmited by
2021-04-17pt34correios-ctt-pt.com [ ] phishingCTT 0x_bot-si_f33d
2021-04-17https://office.discountweblink.com/PT/957123651623/?click_id=bBtL6VN... [ ] phishingphishing anonymous
2021-04-16https://psicologodotrabalho.com/DDhFONYrxclvBT7.php [ ] phishingphishing 0x_bot-si_f33d
2021-04-14https://message.discountweblink.com [ ] phishingphishing anonymous
2021-04-14https://malbecediciones.es/webmail.pt.lu/pt.lu [ ] phishingphishing 0x_bot-si_f33d
2021-04-13https://trackpp.locatedeliverypoint.link/ [ ] phishingphishing anonymous
2021-04-13https://lifetarget.com.pt/hWNJhFYiJ.php [ ] phishingphishing 0x_bot-si_f33d
2021-04-13https://psicologodotrabalho.com/zSdd64ga.php [ ] phishingphishing 0x_bot-si_f33d
2021-04-13https://office.discountweblink.com/PT/ [ ] phishingphishing anonymous
2021-04-13https://uitc.com.pk/OS7uCNsbP18wIQocimzA9zk3ctkzMRYclWMnj5F0wDm4TQX3... [ ] phishingmillennium anonymous
2021-04-13https://metalexpert.pl/app/ [ ] phishingPayPal anonymous
2021-04-12http://185.38.142.194/SBIDIOT/arm6 [ ] malwaremalware 0x_bot-si_f33d
2021-04-12http://185.38.142.194/sh [ ] malwaremalware 0x_bot-si_f33d
2021-04-12millennium-bcpf.com phishingmillennium 0x_bot-si_f33d
2021-04-11indmillenniumcp-pt.page [ ] phishingmillennium 0x_bot-si_f33d
2021-04-11appmilleniumnbcp.online phishingmillennium 0x_bot-si_f33d
2021-04-11http://amazon.com-confirmation.account-update.information-login.mail... [ ] phishingphishing 0x_bot-si_f33d
2021-04-10bpi-cadastro.com [ ] phishingbpi 0x_bot-si_f33d
2021-04-10bpi-sms.com [ ] phishingbpi 0x_bot-si_f33d
2021-04-10https://foundation.ama-alshayaschools.com/wp-includes/-/MARKET/MARKE... [ ] phishingphishing anonymous
2021-04-10https://go2.link-track.top/824986f3-6f15-40a2-8575-754969ecabc4?clic... [ ] phishingphishing anonymous
2021-04-10https://trackpp.locatedeliverypoint.link/pt/ips/?p=175&cep=nzvlK2ER8... [ ] phishingphishing anonymous
2021-04-09https://fourtrk.com/lp/adsblock_b/?clickid=3727859154417297762&pid=3... [ ] phishingphishing anonymous
2021-04-08https://appmilleniumnbcpt.serveirc.com/ [ ] phishingmillennium 0x_bot-si_f33d
2021-04-07https://www.rockportportugal.pt/ [ ] phishingphishing 0x_bot-si_f33d
2021-04-07https://correios-ctt-particulares.com/5dd705884607a75283b970e097e005... [ ] phishingphishing anonymous
2021-04-07particulares-ctt-35-pt.com [ ] phishingCTT 0x_bot-si_f33d
2021-04-07http://85.241.39.182:50701/bin.sh [ ] malwaremalware 0x_bot-si_f33d
2021-04-07http://185.38.142.236/bin_TcwPEm122.bin [ ] malwaremalware 0x_bot-si_f33d
2021-04-07http://185.38.142.236/bin_evxJDh93.bin [ ] malwaremalware 0x_bot-si_f33d
2021-04-07http://85.241.39.182:50701/i [ ] malwaremalware 0x_bot-si_f33d
2021-04-06https://millenniumapp-pt.servepics.com/ [ ] phishingmillennium 0x_bot-si_f33d
2021-04-06http://www.telefac.pt/po [ ] phishingphishing 0x_bot-si_f33d
2021-04-05millennium-bcp.net [ ] phishingmillennium 0x_bot-si_f33d
2021-04-05ideeali019pt-arrendamentosportugal010039-imovel9100.xyz [ ] phishingphishing 0x_bot-si_f33d
2021-04-05millenium-bcp.com phishingmillennium 0x_bot-si_f33d
2021-04-05http://185.38.142.236/bin_JFrqLH46.bin [ ] malwaremalware 0x_bot-si_f33d
2021-04-05https://zaharaagiftshop.co.ke/LFf0n8xCNnE6dbNXMqZNrOywT5OME0cQ68Gj63... [ ] phishingphishing anonymous
2021-04-03https://santander.currentacc-security.com/Login.php [ ] phishingsantander 0x_bot-si_f33d
2021-04-03worten.dev [ ] phishingWorten 0x_bot-si_f33d
2021-04-02https://esentedministe.com/CTT/particulares-/ATR480X/Home/Metodo_de_... [ ] phishingCTT anonymous
2021-04-01santander.page [ ] phishingsantander 0x_bot-si_f33d
2021-04-01https://ind-milleniubcp.myvnc.com [ ] phishingmillennium 0x_bot-si_f33d
2021-04-01https://ind-milleniubcp.myvnc.com/_layouts/BCP.SDC.FEP.Foundation.Pr... [ ] phishingmillennium 0x_bot-si_f33d
2021-03-31https://apspluz.pt/t4uocgyb.rar [ ] malwaremalware 0x_bot-si_f33d
2021-03-31http://148.69.108.177:34628/.i [ ] malwaremalware 0x_bot-si_f33d
2021-03-31https://millennium.bcp-online.com/site/choose.php [ ] phishingmillennium 0x_bot-si_f33d
2021-03-31https://millennium.onlinebcp.net/site/choose.php [ ] phishingmillennium 0x_bot-si_f33d
2021-03-30http://archive-admin.museubandasfilarmonicas.pt/assets/plugins/jquer... [ ] phishingphishing 0x_bot-si_f33d
2021-03-29https://gmpaladinos.pt/y8mbffurz.tar [ ] malwaremalware 0x_bot-si_f33d
2021-03-29https://pixelware.pt/km2wq9ud.tar [ ] malwaremalware 0x_bot-si_f33d
2021-03-29https://radioafifense.deploys.live/g05rasj9h.rar [ ] malwaremalware 0x_bot-si_f33d
2021-03-29https://neio.eypikeliena.tech/o/uid/YWR1Y29zdGFAc2Fwby5wdA== [ ] phishingphishing anonymous
2021-03-29https://if.janabadra.ac.id/wp-admin/css/--/https:/ind.millenniumbcp.... [ ] phishingmillennium anonymous
2021-03-28cadastro-santa24h.com [ ] phishingsantander 0x_bot-si_f33d
2021-03-28http://5.206.227.81/private/slim.exe [ ] malwaremalware 0x_bot-si_f33d
2021-03-28http://188.93.233.223/5160f288a2be6fa683d27ea76ce7715dce5ec0ee.exe [ ] malwaremalware 0x_bot-si_f33d
2021-03-27http://188.93.233.223/0d83482657508424b4030ad4448e226067b51106.exe [ ] malwaremalware 0x_bot-si_f33d
2021-03-27https://avalongroup.com.pk/a16KTxU4Oceh8cFUdUl9GuF043j4CjMdaInt69oLb... [ ] phishingnovobanco anonymous
2021-03-27caixadirectaonline.com [ ] phishingcgd 0x_bot-si_f33d
2021-03-27ideaalipt-imobiliariasarrendamentos02-0283733.xyz [ ] phishingphishing 0x_bot-si_f33d
2021-03-26millenniumbcp.page [ ] phishingmillennium 0x_bot-si_f33d
2021-03-26http://matinal-nominal.pt/kdhw08pfb.rar [ ] malwaremalware 0x_bot-si_f33d
2021-03-26online-cadastro.com phishingbanking 0x_bot-si_f33d
2021-03-25http://85.242.253.235:40120/.i [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-03-25caixa-directaonline.com [ ] phishingcgd 0x_bot-si_f33d
2021-03-25http://archive-admin.museubandasfilarmonicas.pt/assets/plugins/jquer... [ ] phishingphishing 0x_bot-si_f33d
2021-03-25https://matinal-nominal.pt/kdhw08pfb.rar [ ] malwaremalware 0x_bot-si_f33d
2021-03-25https://pedido-track-paquete-online-web.com/ctt/ [ ] phishingCTT anonymous
2021-03-24https://praiseunlike.com/ctt/ [ ] phishingCTT anonymous
2021-03-24https://pedrasamarelas.pt/SECURE/9ije/ [ ] phishingphishing 0x_bot-si_f33d
2021-03-24http://188.93.233.59/1.exe [ ] malwaremalware 0x_bot-si_f33d
2021-03-24caixadirecta-online.com phishingcgd 0x_bot-si_f33d
2021-03-24millenniumbcppt.app [ ] phishingmillennium 0x_bot-si_f33d
2021-03-24https://sklep.alplast.com.pl/test/bi/bancobpi/ [ ] phishingbpi @sirpedrotavares
2021-03-24https://package-co.umbler.net/-/in.php [ ] phishingbpi anonymous
2021-03-23http://aquidelrey.pt/xx/index.html [ ] phishingphishing 0x_bot-si_f33d
2021-03-23https://caixa.directa-online.com [ ] phishingcgd anonymous
2021-03-23particulares-ctt-pt.com [ ] phishingCTT 0x_bot-si_f33d
2021-03-23https://lp.crossfit4475.pt/phpmailer/docs/H5Bx7GX3vV3b0N7.php [ ] malwaremalware 0x_bot-si_f33d
2021-03-22https://intavejegej.ml/ [ ] phishingMB WAY anonymous
2021-03-22https://www.loy.pt/pqwqgsir.tar [ ] malwaremalware 0x_bot-si_f33d
2021-03-22http://5.206.227.104/mofile.exe [ ] malwaremalware 0x_bot-si_f33d
2021-03-22https://res192.servconfig.com/~heidijakov/styles/-/market/dhl/MARKET... [ ] phishingphishing anonymous
2021-03-22http://asiaaquatixs.com/log [ ] phishingbanking anonymous
2021-03-22particulares-sant-pt.com phishingsantander 0x_bot-si_f33d
2021-03-22http://188.93.233.223/proxy1.exe [ ] malwaremalware 0x_bot-si_f33d
2021-03-20http://millenniumbcp.departamentoscl.com/ phishingmillennium anonymous


$:> history
-- (Only the last 30 days are presented here. For more details and IoCs please use the search field or the 0xSI_f33d API) --