ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 194.26.192.248:443.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1778765
IOC: 194.26.192.248:443
IOC Type :ip:port
Threat Type :botnet_cc
Malware: Evilginx
Confidence Level : Confidence level is high (90%)
Is compromised? : False
ASN:AS210558 services-1337-gmbh
Country:- DE
First seen:2026-03-30 06:21:14 UTC
Last seen:never
UUID:9f8dfbe9-2bbc-11f1-9af6-42010aa4000a
Reporter Lenny_3BO
Reward 5 credits from ThreatFox

Avatar
Lenny_3BO
Evilginx AiTM phishing panel. Targets: SFR (French telecom), MACIF (French insurance), Microsoft 365. Domains: sfr-webmail.com, client-macif.com, espace-macif.com, webclient-secure.com. Custom DNS on port 53. Express/Node.js backend.