___          _____  _____    __  ____  ____       _ 
  / _ \        / ____||_   _|  / _||___ \|___ \     | |
 | | | |__  __| (___    | |   | |_   __) | __) |  __| |
 | | | |\ \/ / \___ \   | |   |  _| |__ < |__ <  / _` |
 | |_| | >  <  ____) | _| |_  | |   ___) |___) || (_| |
  \___/ /_/\_\|_____/ |_____| |_|  |____/|____/  \__,_|
                          ______                       
                         |______|                      

$:> Add a new phishing / malware campaign into 0xSI_f33d
$:> < The Portuguese Abuse Open Feed >
$:> by seguranca-informatica.pt $:> $:> help $:> This feed compiles phishing and malware campaigns targeting only Portuguese citizens $:> su root $root:> Use the hashtag: #0xSI_f33d

- - - - - - - - - - - - - Submit a new campaign - - - - - - - - - - - - -

Add the URL:
Add the category:
Add a tag:


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


Friends of 0xSI_F33d

$:> These organizations use data submitted to and verified by 0xSI_f33d.


Are you using 0xSI_f33d data, but not listed here?
Let us know so we can share the good news with the 0xSI_f33d community.


Infographic: Threat Report Portugal Q1 2021

$:> Visit the publication here.

$:> history | grep "infographic"
-Q4 2020 Infographic
-Q3 2020 Infographic
-Q2 2020 Infographic
-Q1 2020 Infographic



$:> Download the printable version: PDF or PNG
$:> Thanks, by root


API documentation

API is available at https://feed.seguranca-informatica.pt/api.php and will return a CSV or JSON response.
API is free but account creation is required. After that, the API token will be sent to your email.
Please note that running a massive amount of queries in a short time will get you blocked and/or banned.

$:> If you need a API token, please contact us here.


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

By default, only last year submitions are returned. Examples on how to use the API can be found below.

$:> Parameters highlighted with red color are mandatory.



Example

Key | Value

fromfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today

possible values: {today;yesterday;last-3-days;last-week;last-month;last-6-months;last-year}
formatfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=csv
feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw

possible values: {csv;json;raw}
tagfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware

possible values: only the available 0xSI_f33d tags
title_or_urlfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware&title_or_url=amazon

example 1: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&title_or_url=banco
example 2: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt
example 3: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt&tag=phishing


Returned list example: {id,url,domain,data,ip,mx,cname,vt_url,img_url,id_user,id_tag,info}


For integration with security appliances, firewalls or spam engines, we recommend using the raw format:

$:> feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw (get domain by line)

$:> Get in touch, or swing by for a cup of coffee.




 :$> Found a phishing website? See if it's in the 0xSI_f33d ;)

  
DateURLCategoryTagVirus TotalSubmited by
2021-06-21https://olxpt.get-order.cyou/order/742359994 [ ] phishingphishing anonymous
2021-06-21https://olxpt.get-order.cyou/order/ [ ] phishingphishing anonymous
2021-06-21https://automotivedigitalretail.com/backup/.well-known/outlink/stp_h... [ ] phishingphishing anonymous
2021-06-21https://rgdrones.pt/commiie [ ] phishingphishing 0x_bot-si_f33d
2021-06-21http://ukotan.com/yUU9fyT [ ] phishingCTT anonymous
2021-06-18https://olx-pt-security.icu/personal/pl/inteligo?t=0.168577292815484... [ ] phishingphishing 0x_bot-si_f33d
2021-06-18https://facirc.pt/verdie-stoltenberg/OliviaGarcia-68.zip [ ] malwareQakBot 0x_bot-si_f33d
2021-06-18http://188.251.77.229:1281/Mozi.a [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-06-18https://mapasminecraft.jonasefonfon.com/dqyjk4o.zip [ ] malwaremalware 0x_bot-si_f33d
2021-06-18https://sarditemp.com/jordyn-walker/WilliamGarcia-1.zip [ ] malwareQakBot 0x_bot-si_f33d
2021-06-18http://2.83.216.149:2607/Mozi.m [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-06-18http://77.54.59.77:31387/.i [ ] malwaremalware 0x_bot-si_f33d
2021-06-18http://85.241.39.182:34098/bin.sh malwaremalware 0x_bot-si_f33d
2021-06-18http://85.241.39.182:34098/i malwareSatori/Mirai 0x_bot-si_f33d
2021-06-18http://awunej.me/sMwTexi [ ] phishingCTT anonymous
2021-06-18https://santander.paymentidentify.com/ [ ] phishingsantander 0x_bot-si_f33d
2021-06-18https://dirsil.tech/FOEnNWlCpq4H.php [ ] malwaremalware 0x_bot-si_f33d
2021-06-18http://icekaz.me/KSQ3jqM [ ] phishingCTTN/Aanonymous
2021-06-18http://icekaz.me/KSQ3jqM [ ] phishingCTT anonymous
2021-06-18http://icekaz.me/KSQ3jqM [ ] phishingCTT anonymous
2021-06-18http://icekaz.me/KSQ3jqM [ ] phishingCTT anonymous
2021-06-18http://icekaz.me/KSQ3jqM [ ] phishingCTTN/Aanonymous
2021-06-18http://icekaz.me/KSQ3jqM [ ] phishingCTTN/Aanonymous
2021-06-18http://icekaz.me/KSQ3jqM [ ] phishingCTTN/Aanonymous
2021-06-18http://icekaz.me/KSQ3jqM [ ] phishingCTT anonymous
2021-06-17https://lifetarget.com.pt/hWNJhFYiJ.php [ ] phishingphishing 0x_bot-si_f33d
2021-06-17https://puialdeldouro.lojadointerior.pt/zzz/outlook02/?email=a.ascar... [ ] phishingMicrosoft 0x_bot-si_f33d
2021-06-17http://ukojan.com/ZkSKdzJ [ ] phishingCTT anonymous
2021-06-17http://46.50.92.37:3573/.i [ ] malwaremalware 0x_bot-si_f33d
2021-06-16https://portugaltheman.net/neha-kozey/Olivia.Jones-36.zip [ ] malwareQakBot 0x_bot-si_f33d
2021-06-16https://portugaltheman.net/neha-kozey/OliverWilliams-36.zip [ ] malwareQakBot 0x_bot-si_f33d
2021-06-16http://ozinox.me [ ] malwaremalware anonymous
2021-06-16pizza-hut-portugal.site [ ] phishingphishing 0x_bot-si_f33d
2021-06-15https://portugaltheman.net/mrs--marielle-feest/NoahWilliams-60.zip [ ] malwareQakBot 0x_bot-si_f33d
2021-06-15http://148.69.99.5:59709/.i [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-06-15https://millennium.8736-bcp.com/site/ [ ] phishingmillennium @sirpedrotavares
2021-06-15https://invalid.researchdivine.com/ [ ] phishingphishing anonymous
2021-06-15https://login.microsoftonline.us/common/oauth2/authorize?client_id=8... [ ] phishingMicrosoft 0x_bot-si_f33d
2021-06-15http://8736-bcp.com phishingmillennium anonymous
2021-06-15https://www.padstow-lifeboat.org.uk/wp-content/--/https:/ind.millenn... [ ] phishingmillennium @sirpedrotavares
2021-06-15http://www.ctm-menuiserie.be/CTM/santander/sms.html [ ] phishingsantander 0x_bot-si_f33d
2021-06-15http://2.83.216.145:1215/Mozi.m malwareSatori/Mirai 0x_bot-si_f33d
2021-06-14https://millennium.2533-bcp.com [ ] phishingmillennium 0x_bot-si_f33d
2021-06-14http://85.243.65.13:39616/Mozi.m malwaremalware 0x_bot-si_f33d
2021-06-14http://188.251.70.79:3987/Mozi.m malwaremalware 0x_bot-si_f33d
2021-06-14http://ovayil.me/i8kjJM4 [ ] phishingphishing anonymous
2021-06-14https://olxpt.get-cash.icu/order/642775738 [ ] phishingphishing anonymous
2021-06-14https://ieldanalysisdu.com/ctt/particulares/receber/Codigo_de_envio=... [ ] phishingCTT anonymous
2021-06-13uber-portugal.com phishingphishing 0x_bot-si_f33d
2021-06-13http://89.109.125.147:44251/.i malwaremalware 0x_bot-si_f33d
2021-06-13uberportugal.us phishingphishing 0x_bot-si_f33d
2021-06-13atendimentoaocliente3.com phishingsantander 0x_bot-si_f33d
2021-06-13https://olx.pt.paygrunhe.pw/cash40052919 [ ] phishingphishing anonymous
2021-06-13https://cgd.services/caixadirecta/clients/nvqjLj.php?verification#_ [ ] phishingcgd anonymous
2021-06-13http://ozinox.me/1niHfwg [ ] phishingphishing anonymous
2021-06-12https://uber-pt.safe-order.icu/track.php?id=832319580 [ ] phishingphishing anonymous
2021-06-12https://delivery.intelligentscanningsystem.top/pt/ips/ [ ] phishingphishing anonymous
2021-06-12support-uberportugal.com phishingphishing 0x_bot-si_f33d
2021-06-12indmillenniumbcp.com [ ] phishingmillennium 0x_bot-si_f33d
2021-06-12particulares-bancosantander20.com [ ] phishingsantander 0x_bot-si_f33d
2021-06-12pt-ctt.online phishingCTT 0x_bot-si_f33d
2021-06-11http://87.196.102.31:60863/Mozi.m malwareSatori/Mirai 0x_bot-si_f33d
2021-06-11https://cld.pt/dl/download/daa0996f-0d3f-4314-9889-8010d6957622/saaw... [ ] malwaremalware 0x_bot-si_f33d
2021-06-11https://cld.pt/dl/download/e760a82c-b30f-4e6b-b189-0f7425bf5a99/clea... [ ] malwaremalware 0x_bot-si_f33d
2021-06-11https://cld.pt/dl/download/f59dfc70-3c96-45b4-ad82-9f6aee801296/ASDF... [ ] malwaremalware 0x_bot-si_f33d
2021-06-11http://cm-seguros.pt/bancosanta [ ] phishingsantander anonymous
2021-06-11http://cm-seguros.pt/bancosanta/?logon=set&e02bad58 [ ] phishingsantander 0x_bot-si_f33d
2021-06-11http://mandrill.moip.com.br/track/click/14443671/www.premierbuilder.... [ ] phishingNetflix anonymous
2021-06-11https://r20.rs6.net/tn.jsp?f=001DeigQhVvQuzG9CAFFL4VwFubEJutg8CWBnvD... [ ] phishingCTT anonymous
2021-06-11https://safwahpublications.com/wizink/ [ ] phishingphishing anonymous
2021-06-11millenniumbcplive.com phishingmillennium 0x_bot-si_f33d
2021-06-10novobancopt.com [ ] phishingnovobanco 0x_bot-si_f33d
2021-06-09http://pt-bisi.com/dhl/DHL/portal/index.php [ ] phishingphishing 0x_bot-si_f33d
2021-06-09http://particulares.bancosantand.com/ phishingsantander 0x_bot-si_f33d
2021-06-09http://laresumeservice.com/josh-cruickshank/super_portugal-43.zip [ ] malwaremalware 0x_bot-si_f33d
2021-06-09https://www.mt5apps.com/pay5/F2A88E15 [ ] phishingphishing anonymous
2021-06-09https://sysitemff.customeronline.top [ ] phishingphishing anonymous
2021-06-09https://mesterdinosaurking5eff.blogspot.com/ [ ] phishingCTT anonymous
2021-06-09https://guestpostprovider.com/X8EO.html [ ] phishingNetflix anonymous
2021-06-08http://tlsports.net/brad-koepp-i/proteccion_hsbc_seguros-42.zip [ ] malwaremalware 0x_bot-si_f33d
2021-06-08https://2na.io/actualizar [ ] phishingphishing anonymous
2021-06-07http://pt-bisi.com/dhl/DHL/portal/[email protected] [ ] phishingphishing 0x_bot-si_f33d
2021-06-07https://olx.pt.cashgets.info [ ] phishingphishing 0x_bot-si_f33d
2021-06-07https://www.setindiaprize.com/Santander.pt/ [ ] phishingsantander 0x_bot-si_f33d
2021-06-06pt-entrega.online phishingphishing 0x_bot-si_f33d
2021-06-06seg-social.online phishingphishing 0x_bot-si_f33d
2021-06-06https://payment-pays.site/ctt.pt/cash25587332 [ ] phishingCTT 0x_bot-si_f33d
2021-06-05montepio24.net phishingmontepio 0x_bot-si_f33d
2021-06-05http://176.78.65.29:27813/Mozi.m [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-06-05http://ezifec.link/9fppued [ ] phishingphishing anonymous
2021-06-05https://sysitemff.customeronline.top/pt/ips/?p=200&cep=aFGNm_KRiQGt1... [ ] phishingphishing anonymous
2021-06-05http://anabaj.me/eugZXsH phishingphishing anonymous
2021-06-04http://176.78.65.29:27813/i malwareSatori/Mirai 0x_bot-si_f33d
2021-06-04https://thewood.pt/ajHRUBdyXik.php [ ] phishingphishing 0x_bot-si_f33d
2021-06-03caixa-particulares.com [ ] phishingcgd 0x_bot-si_f33d
2021-06-03pt-ctt.site [ ] phishingCTT 0x_bot-si_f33d
2021-06-023rdmillenniummedia.com phishingmillennium 0x_bot-si_f33d
2021-06-02https://dhl.pt:[email protected]/assets/img/payment/2230942/ [ ] phishingphishing anonymous
2021-06-02https://alphanegotiate.com/wizink/ [ ] phishingbanking anonymous
2021-06-02https://www.hmveiculos.com.br/TO/[email protected] [ ] phishingMicrosoft anonymous
2021-06-02http://peaceandfuture.org/wizink/ [ ] phishingbanking anonymous
2021-05-30millenniumbcq.com phishingmillennium 0x_bot-si_f33d
2021-05-30idealistapt-casasdistritoconcelhos899.xyz phishingphishing 0x_bot-si_f33d
2021-05-29http://customer.preciousdecks.com/mw/5a7db0ea75f34fee86e5030e2052178... [ ] phishingWorten anonymous
2021-05-29https://www.milestoparis.com/survey/oworen/source=17066 [ ] phishingWorten anonymous
2021-05-27https://gestaumdigital.com.br/WP#[email protected] [ ] phishingcgd anonymous
2021-05-27http://icukig.me/ZmQ4Do9 [ ] phishingphishing anonymous
2021-05-27http://customer.preciousdecks.com/mw/5a7db0ea75f34fee86e5030e2052178... [ ] phishingWorten anonymous
2021-05-26https://badaboomcapital.com/Millenniumbcp/ [ ] phishingmillennium 0x_bot-si_f33d
2021-05-26https://young-dementia-guide.pt/wp-admin/lip/view/[email protected] [ ] phishingphishing 0x_bot-si_f33d
2021-05-26https://courierpp.giveawaypacks.top/pt/ips/?p=200&cep=FqEhXtA-qPcoPk... [ ] phishingphishing anonymous
2021-05-26http://agesal.co/ [ ] phishingphishing anonymous
2021-05-25http://46.50.62.97:53095/Mozi.m [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-05-25http://idakal.com/KHoSJpq [ ] phishingphishing anonymous
2021-05-25http://85.241.39.182:34098/i [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-05-25http://85.241.39.182:34098/bin.sh [ ] malwareSatori/Mirai 0x_bot-si_f33d
2021-05-24http://sms-i.in/ZW8U [ ] phishingphishing anonymous
2021-05-24https://salvus.co.id/b2b/bah/page/ [ ] phishingCTT anonymous


$:> history
-- (Only the last 30 days are presented here. For more details and IoCs please use the search field or the 0xSI_f33d API) --