___          _____  _____    __  ____  ____       _ 
  / _ \        / ____||_   _|  / _||___ \|___ \     | |
 | | | |__  __| (___    | |   | |_   __) | __) |  __| |
 | | | |\ \/ / \___ \   | |   |  _| |__ < |__ <  / _` |
 | |_| | >  <  ____) | _| |_  | |   ___) |___) || (_| |
  \___/ /_/\_\|_____/ |_____| |_|  |____/|____/  \__,_|
                          ______                       
                         |______|                      

$:> Add a new phishing / malware campaign into 0xSI_f33d
$:> < The Portuguese Abuse Open Feed >
$:> by seguranca-informatica.pt $:> $:> help $:> This feed compiles phishing and malware campaigns targeting only Portuguese citizens $:> su root $root:> Use the hashtag: #0xSI_f33d

- - - - - - - - - - - - - Submit a new campaign - - - - - - - - - - - - -

Add the URL:
Add the category:
Add a tag:


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


Friends of 0xSI_F33d

$:> These organizations use data submitted to and verified by 0xSI_f33d.


Are you using 0xSI_f33d data, but not listed here?
Let us know so we can share the good news with the 0xSI_f33d community.


Infographic: Threat Report Portugal Q3 2020

$:> Visit the publication here.

$:> history | grep "infographic"
-Q1 2020 Infographic
-Q2 2020 Infographic



$:> Download the printable version: PDF or PNG
$:> Thanks, by root


API documentation

API is available at https://feed.seguranca-informatica.pt/api.php and will return a CSV or JSON response.
API is free but account creation is required. After that, the API token will be sent to your email.
Please note that running a massive amount of queries in a short time will get you blocked and/or banned.

$:> If you need a API token, please contact us here.


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

By default, only last year submitions are returned. Examples on how to use the API can be found below.

$:> Parameters highlighted with red color are mandatory.



Example

Key | Value

fromfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today

possible values: {today;yesterday;last-3-days;last-week;last-month;last-6-months;last-year}
formatfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=csv
feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw

possible values: {csv;json;raw}
tagfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware

possible values: only the available 0xSI_f33d tags
title_or_urlfeed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&tag=malware&title_or_url=amazon

example 1: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=json&title_or_url=banco
example 2: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt
example 3: feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=last-year&format=csv&title_or_url=.pt&tag=phishing


Returned list example: {id,url,domain,data,ip,mx,cname,vt_url,img_url,id_user,id_tag,info}


For integration with security appliances, firewalls or spam engines, we recommend using the raw format:

$:> feed.seguranca-informatica.pt/api.php?token_u=#&token_p=#&from=today&format=raw (get domain by line)

$:> Get in touch, or swing by for a cup of coffee.




 :$> Found a phishing website? See if it's in the 0xSI_f33d ;)

  
DateURLCategoryTagVirus TotalSubmited by
2021-01-20http://carzone.deve.pt/s3zpciz99.rar [ ] malwaremalware 0x_bot-si_f33d
2021-01-20http://trypar.deve.pt/cd2vg1b.zip [ ] malwaremalware 0x_bot-si_f33d
2021-01-20http://salaodigitalautomovel.pt.deve.pt/d8ms3mljy.zip [ ] malwaremalware 0x_bot-si_f33d
2021-01-20https://mb-way.website/app/entrar.php?hash=e082e865af38c632a3aae1daf... [ ] phishingMB WAY anonymous
2021-01-19https://ibhayd.org.tr/BatbDhFLOgGN0IlXm3hpNCriT2eWPCXQdGsgozs4UzHK8s... [ ] phishingbpi anonymous
2021-01-18https://ibhayd.org.tr/BatbDhFLOgGN0IlXm3hpNCriT2eWPCXQdGsgozs4UzHK8s... [ ] phishingbpi anonymous
2021-01-18https://mathieu-delmestre.fr/wp-admin/css/https:/www.bancobpi.pt/Par... [ ] phishingphishing anonymous
2021-01-18https://mathieu-delmestre.fr/wp-admin/css/https:/www.bancobpi.pt/Par... [ ] phishingphishing anonymous
2021-01-18http://188.251.74.46:1161/Mozi.m [ ] malwaremalware 0x_bot-si_f33d
2021-01-16https://www.bpi-att.com/?n= [ ] phishingbpi @sirpedrotavares
2021-01-16https://topcustomgifts.be/wp-admin/js/https:/www.bancobpi.pt/Particu... [ ] phishingbpi @sirpedrotavares
2021-01-16https://landsnew.com/wp-admin/js/https:/www.bancobpi.pt/Particulares... [ ] phishingbpi @sirpedrotavares
2021-01-16netbanco-santander-particulares-online.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-16netbanco-santander-particulares-online.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-16millenniumbcp.link phishingmillennium 0x_bot-si_f33d
2021-01-16http://a.ert4.co/fuCCuu [ ] phishingphishing anonymous
2021-01-16http://www.curaemocional.pt/server [ ] phishingphishing 0x_bot-si_f33d
2021-01-15https://instinto26.pt/bngtd [ ] phishingphishing 0x_bot-si_f33d
2021-01-15https://particulares-esantand.ath.cx/car/ [ ] phishingsantander anonymous
2021-01-15https://jsikeieei.mybigcommerce.com/x/ [ ] phishingsantander anonymous
2021-01-15https://ctt-entraga-online-seguir.com/PT819764005/ [ ] phishingCTT anonymous
2021-01-15http://tmieurii.wwwaz1-ss34.a2hosted.com/TTC/ [ ] phishingCTT anonymous
2021-01-15net24mont.online [ ] phishingmontepio 0x_bot-si_f33d
2021-01-15indmillennium.com [ ] phishingmillennium 0x_bot-si_f33d
2021-01-15http://tmieurii.wwwaz1-ss34.a2hosted.com/STN [ ] phishingsantander anonymous
2021-01-13http://facebook.mystand.pt/ubz24w61.rar [ ] malwaremalware 0x_bot-si_f33d
2021-01-13https://bramble-midi-amethyst.glitch.me/#[email protected] [ ] phishingcgd anonymous
2021-01-13https://flipstate53.com/u9z8hJEs.php?65w4f654f6565wefw132ewe654ew45w... [ ] phishingbpi anonymous
2021-01-13https://www.paroisses-theix-surzur.com/adjwSbqcPTWwEMXr [ ] phishingbpi anonymous
2021-01-13https://mbway.website/ [ ] phishingMB WAY anonymous
2021-01-12acessobpi.com [ ] phishingbpi 0x_bot-si_f33d
2021-01-12netbanco-santandetotta-online-cartao.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-12santander-totta-pt-web.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-12entraga-ctt-seguir-online.com [ ] phishingCTT 0x_bot-si_f33d
2021-01-11https://www5.ritamartins.pt/d4bfa7nne.zip [ ] malwaremalware 0x_bot-si_f33d
2021-01-11https://11.tecmultimedia.pt/uo3659975.rar [ ] malwaremalware 0x_bot-si_f33d
2021-01-11idealista-pt-43497-andar-f458608h.xyz [ ] phishingphishing 0x_bot-si_f33d
2021-01-11idealista-pt-49347-andar-f45869h.xyz [ ] phishingphishing 0x_bot-si_f33d
2021-01-11seguir-ctt-entraga-online.com phishingCTT 0x_bot-si_f33d
2021-01-10https://aspx-seg.email [ ] phishingbanking anonymous
2021-01-10https://service-seg.us [ ] phishingphishing anonymous
2021-01-10https://ado-seg.com [ ] phishingphishing anonymous
2021-01-10https://homepage-livre.com [ ] phishingphishing anonymous
2021-01-10https://cxcancelamento.com [ ] phishingbanking anonymous
2021-01-10santander-particulares-w3.net [ ] phishingphishing 0x_bot-si_f33d
2021-01-10netbanco-santander-cartao.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-10netbanco-santander-cartao.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-09http://statsaho.wwwmi3-ss57.a2hosted.com/CTAO [ ] phishingphishing anonymous
2021-01-08http://statsaho.wwwmi3-ss57.a2hosted.com/TOTTA [ ] phishingsantander anonymous
2021-01-08bpi-app.com [ ] phishingbpi 0x_bot-si_f33d
2021-01-08http://www.bambuconvites.pt/offic365/ [ ] phishingMicrosoft 0x_bot-si_f33d
2021-01-08https://mbway.site [ ] phishingMB WAY anonymous
2021-01-07https://cxonlinec.com [ ] phishingbanking anonymous
2021-01-07https://takhatpurkibhadas.com/.well-known/make/ddl [ ] phishingphishing anonymous
2021-01-07millenniumbcp.online [ ] phishingmillennium 0x_bot-si_f33d
2021-01-07app-millenniumbcp.site [ ] phishingmillennium 0x_bot-si_f33d
2021-01-07particularebancosantander.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-07http://jfcampanario.ifreg.pt/uwihjcghge.html?jhBgVdSEQAZSXDRcFvgHBnj... [ ] phishingphishing 0x_bot-si_f33d
2021-01-07http://statsaho.wwwmi3-ss57.a2hosted.com/CTAO [ ] phishingCTT anonymous
2021-01-06indmillennium-bcp.site [ ] phishingmillennium 0x_bot-si_f33d
2021-01-06cartao-santandertotta-netbanco.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-06fraude-bancosantander.com [ ] phishingsantander 0x_bot-si_f33d
2021-01-06http://www.mbway.a0001.net/seguranca.mbway/index2.php [ ] phishingMB WAY anonymous
2021-01-06http://www.bit.ly/2Luelq4 [ ] phishingphishing anonymous
2021-01-06https://depressed-fish.com/HK6pwN4f1si5IExBPx1jjSDGu57Al4RtFOa1cTXTC... [ ] phishingbpi anonymous
2021-01-06https://otobusbiletionline.com/cyIA4qK6.php?654we564fe3f21efe564fwew... [ ] phishingbpi anonymous
2021-01-06http://556425.cavrawertadh.com [ ] phishingphishing anonymous
2021-01-05https://loginxkl-web.com [ ] phishingbanking anonymous
2021-01-05https://splendideventsllc.org/Banco/ [ ] phishingsantander anonymous
2021-01-05entraga-ctt-express.com [ ] phishingCTT 0x_bot-si_f33d
2021-01-05https://mandrillapp.com/track/click/31079582/www.facilitas.co.za?p=e... [ ] phishingCTT anonymous
2021-01-05https://www.facilitas.co.za/home.html [ ] phishingCTT anonymous
2021-01-03http://promosms.eu/lp20/ [ ] phishingcovid19 anonymous
2021-01-03http://www.loginattempt-secure.com/ [ ] phishingphishing 0x_bot-si_f33d
2021-01-03http://servicopagamentocaixadirecta.a0001.net/ [ ] phishingcgd anonymous
2021-01-03http://servicopagamentocaixadirecta.a0001.net/paymentidD221529172639... [ ] phishingcgd 0x_bot-si_f33d
2021-01-01http://paiement.gandi2.net-4f1d3a85.justbikes.pt/bzBTd3cyL0ErVFMzaXc... [ ] phishingphishing 0x_bot-si_f33d
2021-01-01novobanco.net [ ] phishingnovobanco 0x_bot-si_f33d
2021-01-01netbanco-santadertotta-cartaobloqueado.com [ ] phishingsantander 0x_bot-si_f33d
2020-12-31http://hsjku.justbikes.pt/gd/ [ ] phishingphishing 0x_bot-si_f33d
2020-12-31http://pay.hoslpoint50c1f08d7.ch-0c1f08d7.justbikes.pt/ch/ [ ] phishingphishing 0x_bot-si_f33d
2020-12-31http://a.justbikes.pt/ch/ [ ] phishingphishing 0x_bot-si_f33d
2020-12-31http://73684109.justbikes.pt/fr/ [ ] phishingphishing 0x_bot-si_f33d
2020-12-31santandertotta-cartao-reativa.com [ ] phishingsantander 0x_bot-si_f33d
2020-12-31banco-santander.info [ ] phishingsantander 0x_bot-si_f33d
2020-12-30https://activobank-pt.site/_loginV2/?hash=f01f18eaec89816094bc3868f6... [ ] phishingbanking 0x_bot-si_f33d
2020-12-30https://millenniumbcp-pt.site/ [ ] phishingmillennium 0x_bot-si_f33d
2020-12-30http://archimedescatamaran.com/wp-content/plugins/duplicator/libe/js... [ ] phishingCTT anonymous
2020-12-30https://bit.ly/moptvil [ ] phishingCTT anonymous
2020-12-30https://www.echterlive.lu/test/perl/-/ [ ] phishingCTT anonymous
2020-12-30https://luandasoft.com/wp-content/CrjJarg/ [ ] malwareEmotet 0x_bot-si_f33d
2020-12-30https://epgv01.fr/httpsaduaneiro.portaldasfinancas.gov.ptjspmain.jsp... [ ] phishingphishing anonymous
2020-12-29http://xvcspnr.organideia.pt/content/odQQAEd0WhzK517RSDZzBCmYkXj6gdG... [ ] malwareEmotet 0x_bot-si_f33d
2020-12-29https://sarklaten.org/wp-admin/js/https:/ind.millenniumbcp.pt/pt/ [ ] phishingmillennium @sirpedrotavares
2020-12-29https://www.hfb.pt/templates/beez3/ivlclklbzp.php [ ] phishingphishing anonymous
2020-12-29https://www.hfb.pt/aa/ [ ] phishingphishing anonymous
2020-12-29https://mercadopagolog.com [ ] phishingbanking anonymous
2020-12-29https://mercadopagofinaldeano.com [ ] phishingbanking anonymous
2020-12-29http://loginxkl-web.com [ ] phishingbanking anonymous
2020-12-29http://onlineappcef.com [ ] phishingbanking anonymous
2020-12-29http://cxonlineb.com [ ] phishingbanking anonymous
2020-12-29seguranca-mbway.com [ ] phishingMB WAY 0x_bot-si_f33d
2020-12-29seguir-ctt-online.com [ ] phishingCTT 0x_bot-si_f33d
2020-12-29http://24.152.36.236/ malwareURSA/mispadu @sirpedrotavares
2020-12-29ctt-post-pt.net phishingCTT 0x_bot-si_f33d
2020-12-29https://ind-millenniumbcp.site [ ] phishingmillennium anonymous
2020-12-29http://193.239.86.182/ malwareURSA/mispadu @sirpedrotavares
2020-12-29http://47.254.94.1/ malwareURSA/mispadu @sirpedrotavares
2020-12-28https://vivtra.com/wocg/skin/frontend/default/blue/jss [ ] phishingCTT anonymous
2020-12-28https://ctt-online-seguir.com/PT72346780/ [ ] phishingCTT anonymous
2020-12-28ind-milleniumbcp.net [ ] phishingmillennium 0x_bot-si_f33d
2020-12-28ind-millenniumbcp.net phishingmillennium 0x_bot-si_f33d
2020-12-28https://melgescarwash.com/auth/ [ ] phishingphishing anonymous
2020-12-28https://firstchoicecapitalfunding.com/rcIjBYdF.php?65w4ef65f213ew546... [ ] phishingbpi anonymous
2020-12-28https://aymediapictures.com/wp-admin/js/https:/ind.millenniumbcp.pt/ [ ] phishingmillennium @sirpedrotavares
2020-12-28formadepagamento-ctt.com [ ] phishingCTT 0x_bot-si_f33d
2020-12-28postal-ctt.com phishingCTT 0x_bot-si_f33d
2020-12-28http://minhiday.wwwmi3-ss56.a2hosted.com/PR [ ] phishingCTT anonymous
2020-12-28https://alterarentre-ctt-express.com/PT726393247 [ ] phishingCTT anonymous
2020-12-27https://171.anubis171.com [ ] phishingbanking anonymous
2020-12-27https://cosechasus.com/ss [ ] phishingphishing anonymous
2020-12-27https://viplatam.com/es/F004f19441/ [ ] phishingphishing anonymous
2020-12-27santander-totta-particulares.com [ ] phishingsantander 0x_bot-si_f33d
2020-12-27http://santanderportugalparticulares.splendideventsllc.org/ [ ] phishingsantander 0x_bot-si_f33d
2020-12-26https://2textile.pt/wp-content/uploads/2020/12/index.html?ihBgVd$EQA... [ ] phishingphishing 0x_bot-si_f33d
2020-12-25http://188.80.4.80:4760/Mozi.m [ ] malwaremalware 0x_bot-si_f33d
2020-12-25idda01291es-compartidosbancos3110-basedatos0129381.xyz phishingphishing 0x_bot-si_f33d
2020-12-25ind-milleniumbcp.online [ ] phishingmillennium 0x_bot-si_f33d
2020-12-25idda01232es-compartidosbancos3143-basedatos014311.xyz phishingphishing 0x_bot-si_f33d
2020-12-25idda0129pt-flowpreco123-relatoriosprecohabitacao0192.xyz phishingphishing 0x_bot-si_f33d


$:> history
-- (Only the last 30 days are presented here. For more details and IoCs please use the search field or the 0xSI_f33d API) --