___          _____  _____    __  ____  ____       _ 
  / _ \        / ____||_   _|  / _||___ \|___ \     | |
 | | | |__  __| (___    | |   | |_   __) | __) |  __| |
 | | | |\ \/ / \___ \   | |   |  _| |__ < |__ <  / _` |
 | |_| | >  <  ____) | _| |_  | |   ___) |___) || (_| |
  \___/ /_/\_\|_____/ |_____| |_|  |____/|____/  \__,_|
                          ______                       
                         |______|                      

$:> Add a new phishing / malware campaign into 0xSI_f33d
$:> < The Portuguese Abuse Open Feed >
$:> by seguranca-informatica.pt $:> $:> help $:> This feed compiles phishing and malware campaigns targeting only Portuguese citizens $:> su root $root:> Use the hashtag: #0xSI_f33d

- - - - - - - - - - - - - Submit a new campaign - - - - - - - - - - - - -

Add the URL:
Add the category:
Add a tag:


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


Friends of 0xSI_F33d

$:> These organizations use data submitted to and verified by 0xSI_f33d.


Are you using 0xSI_f33d data, but not listed here?
Let us know so we can share the good news with the 0xSI_f33d community.


Infographic: Threat Report Portugal Q1 2021

$:> Visit the publication here.

$:> history | grep "infographic"
-Q4 2020 Infographic
-Q3 2020 Infographic
-Q2 2020 Infographic
-Q1 2020 Infographic



$:> Download the printable version: PDF or PNG
$:> Thanks, by root


API documentation

API is available at https://feed.seguranca-informatica.pt/api.php and will return a CSV or JSON response.
API is free but account creation is required. After that, the API token will be sent to your email.
Please note that running a massive amount of queries in a short time will get you blocked and/or banned.

$:> If you need a API token, please contact us here.


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

By default, only last year submitions are returned. Examples on how to use the API can be found below.

$:> Parameters highlighted with red color are mandatory.



Example

Key | Value

fromfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today

possible values: {today;yesterday;last-3-days;last-week;last-month;last-6-months;last-year}
formatfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=csv
feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw

possible values: {csv;json;raw}
tagfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware

possible values: only the available 0xSI_f33d tags
title_or_urlfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware&title_or_url=amazon

example 1: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&title_or_url=banco
example 2: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt
example 3: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt&tag=phishing


Returned list example: {id,url,domain,data,ip,mx,cname,vt_url,img_url,id_user,id_tag,info}


For integration with security appliances, firewalls or spam engines, we recommend using the raw format:

$:> feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw (get domain by line)

$:> Get in touch, or swing by for a cup of coffee.




 :$> Found a phishing website? See if it's in the 0xSI_f33d ;)

  
DateURLCategoryTagVirus TotalSubmited by
2021-05-12https://panel.advancedwebpage.com/PT/957126371/?click_id=PZhyhFl&var... [ ] phishingphishing anonymous
2021-05-12https://www.pleasantenergy.org/Santander/ [ ] phishingsantander anonymous
2021-05-11http://www.faros.pt/1839491/0101 [ ] phishingphishing 0x_bot-si_f33d
2021-05-10http://www.fer-maq.pt/Scripts/service-supp-ppI/ca-en-ligne/9d845737f... [ ] phishingphishing 0x_bot-si_f33d
2021-05-10https://mail.fer-maq.pt/Scripts/service-supp-ppI/ca-en-ligne/9d84573... [ ] phishingphishing 0x_bot-si_f33d
2021-05-10https://panel.discountweblink.com/ [ ] phishingphishing anonymous
2021-05-09bpi-bancopt.com phishingbpi 0x_bot-si_f33d
2021-05-09banco-bpi-pt.com [ ] phishingbpi 0x_bot-si_f33d
2021-05-09bpi-banco-pt.com phishingbpi 0x_bot-si_f33d
2021-05-08hospitaldaluz-pt.com [ ] phishingphishing 0x_bot-si_f33d
2021-05-08bk-ctt.com [ ] phishingCTT 0x_bot-si_f33d
2021-05-07http://www.cozinholikeaboss.pt/wp-includes/images/media/Express%20SF... [ ] phishingphishing 0x_bot-si_f33d
2021-05-06http://archive-admin.museubandasfilarmonicas.pt/assets/plugins/jquer... [ ] phishingphishing 0x_bot-si_f33d
2021-05-06https://www.bullcar.pt/ajb/USAA/index.php [ ] phishingphishing 0x_bot-si_f33d
2021-05-05wortenpromocoes.com [ ] phishingWorten 0x_bot-si_f33d
2021-05-05https://www.descobrirportugal.net/lethskiyty/IK/of1/pn6ct7kyrmevawb5... [ ] phishingphishing 0x_bot-si_f33d
2021-05-05http://176.78.65.29:27813/bin.sh [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-05-05http://176.78.65.29:27813/Mozi.m [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-05-05http://176.78.65.29:27813/i [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-05-03https://thewood.pt/ajHRUBdyXik.php [ ] phishingphishing 0x_bot-si_f33d
2021-05-03https://ptcttpart.com/DKSKDKDKSKDKD/KDZKDKSKDKS8438843 [ ] phishingphishing anonymous
2021-05-03https://particulares-ctt-correios-pt.com/68d2a/Seleccione_medio_de_p... [ ] phishingphishing anonymous
2021-04-30https://go2.link-track.top/click [ ] phishingphishing anonymous
2021-04-30https://tracker.lostitemtracker.cloud/pt/entregafex/ [ ] phishingCTT anonymous
2021-04-30https://library.ptklschrs.in/wrongfulness.php [ ] phishingphishing 0x_bot-si_f33d
2021-04-29http://innhanhsaigon.vn/Q7i/francisco_patricio-31.zip [ ] malwareQakBot anonymous
2021-04-29ind-millennium-bcp.site [ ] phishingmillennium 0x_bot-si_f33d
2021-04-29https://restauranteoprado.pt/zCJJC/LiamSmith-76.zip [ ] malwareQakBot 0x_bot-si_f33d
2021-04-28cartas-bancobpi.com [ ] phishingbpi 0x_bot-si_f33d
2021-04-28https://e-pay.pt/Gfkk/WilliamWilliams-19.zip [ ] malwareQakBot 0x_bot-si_f33d
2021-04-28http://www.radiovozdematosinhos.pt/ca0432/2021/Finance/tang [ ] phishingphishing 0x_bot-si_f33d
2021-04-28http://188.93.233.223/proxy1.exe [ ] malwaremalware 0x_bot-si_f33d
2021-04-28https://viveirosdoprado.pt/p3EL2/EmmaGarcia-95.zip [ ] malwaremalware 0x_bot-si_f33d
2021-04-28https://ambitus.pt/S3KeY/OliviaSmith-38.zip [ ] malwaremalware 0x_bot-si_f33d
2021-04-27http://www.radiovozdematosinhos.pt/ca0432/2021/Finance/tang/ [ ] phishingphishing 0x_bot-si_f33d
2021-04-27https://www.alkharasana.com/wp-content/plugins/themify-ptb/includes/... [ ] phishingphishing 0x_bot-si_f33d
2021-04-26https://corkonbag.pt/ndcs.pni/ecca.php [ ] phishingphishing 0x_bot-si_f33d
2021-04-24https://fundamental.pt/paypalonline2021/Support81488/customer_center... [ ] phishingphishing 0x_bot-si_f33d
2021-04-23http://46.50.62.97:53095/Mozi.m [ ] malwaremalware 0x_bot-si_f33d
2021-04-22https://trotti-pro.com/wp-admin/js/--/https:/www.empresas.santander.... [ ] phishingsantander anonymous
2021-04-22https://trotti-pro.com/wp-admin/js/--/https:/ind.millenniumbcp.pt/ [ ] phishingmillennium anonymous
2021-04-21http://mundis.pt/pondu/tesla.htm [ ] phishingphishing 0x_bot-si_f33d
2021-04-21https://vetmar.pt/j2872392323uqdqhjdqwqeqwh2u3o232323oiqwe223 [ ] phishingphishing 0x_bot-si_f33d
2021-04-20http://85.241.39.182:43259/i malwaremalware 0x_bot-si_f33d
2021-04-19https://mapasminecraft.jonasefonfon.com/dqyjk4o.zip [ ] malwaremalware 0x_bot-si_f33d
2021-04-19http://85.241.39.182:43259/bin.sh malwaremalware 0x_bot-si_f33d
2021-04-19http://188.93.233.59/d515b82629ce25b41646fdc3ebe748fd303f0492.exe [ ] malwaremalware 0x_bot-si_f33d
2021-04-18http://188.251.77.229:1281/Mozi.a [ ] malwaremalware 0x_bot-si_f33d
2021-04-17pt34correios-ctt-pt.com [ ] phishingCTT 0x_bot-si_f33d
2021-04-17https://office.discountweblink.com/PT/957123651623/?click_id=bBtL6VN... [ ] phishingphishing anonymous
2021-04-16https://psicologodotrabalho.com/DDhFONYrxclvBT7.php [ ] phishingphishing 0x_bot-si_f33d
2021-04-14https://message.discountweblink.com [ ] phishingphishing anonymous
2021-04-14https://malbecediciones.es/webmail.pt.lu/pt.lu [ ] phishingphishing 0x_bot-si_f33d
2021-04-13https://trackpp.locatedeliverypoint.link/ [ ] phishingphishing anonymous
2021-04-13https://lifetarget.com.pt/hWNJhFYiJ.php [ ] phishingphishing 0x_bot-si_f33d
2021-04-13https://psicologodotrabalho.com/zSdd64ga.php [ ] phishingphishing 0x_bot-si_f33d
2021-04-13https://office.discountweblink.com/PT/ [ ] phishingphishing anonymous
2021-04-13https://uitc.com.pk/OS7uCNsbP18wIQocimzA9zk3ctkzMRYclWMnj5F0wDm4TQX3... [ ] phishingmillennium anonymous
2021-04-13https://metalexpert.pl/app/ [ ] phishingPayPal anonymous


$:> history
-- (Only the last 30 days are presented here. For more details and IoCs please use the search field or the 0xSI_f33d API) --