216.73.217.22

Indicator (IOC)

stix Revoked AlienVault · Published 20/04/2026 13:52 · Modified 19/05/2026 18:09

Essential information

Value / Name
https://139.180.139.209/prod-api/system/confData/getUserConfByKey/
Confidence
100/100
Revoked
Yes
Valid from
20/04/2026 12:25
Valid until
19/05/2026 18:08
Pattern type
stix
Published
20/04/2026 13:52
Modified
19/05/2026 18:09
Author / Source
AlienVault

Description

No description.

Pattern

[url:value = 'https://139.180.139.209/prod-api/system/confData/getUserConfByKey/']

Labels / Tags

Labels: app store chinese targeting credential theft cryptocurrency cryptocurrency wallet enterprise certificates fakewallet ios phishing apps provisioning profiles sparkkitty

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Attack reports (1)