ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 194.26.192.248:8080.

Database Entry

IOC ID:	1778764
IOC:	194.26.192.248:8080
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	Evilginx
Confidence Level :	Confidence level is high (90%)
Is compromised? :	False
ASN:	AS210558 services-1337-gmbh
Country:	DE
First seen:	2026-03-30 06:21:15 UTC
Last seen:	never
UUID:	9f821332-2bbc-11f1-9af6-42010aa4000a
Reporter	Lenny_3BO
Reward	5 credits from ThreatFox

Lenny_3BO

Evilginx AiTM phishing panel. Targets: SFR (French telecom), MACIF (French insurance), Microsoft 365. Domains: sfr-webmail.com, client-macif.com, espace-macif.com, webclient-secure.com. Custom DNS on port 53. Express/Node.js backend.