IOC Radar
IP · Medium · Signal 99/100

216.198.79.1

Location: Atlanta, Georgia, United States
ASN: AS16509, Lefkoff Industries
First Seen: Jan 12, 2025 (515d ago)
Last Seen: Jun 3, 2026 (8d ago)
Reports: 20 source reports
Confidence: 99% (medium)
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Type: IPv4 Address (network layer indicator observed in threat reports)
MISP Category: Network Activity
Confidence: 99%
Signal Score: 99 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

38 techniques

Network Information

Country: US (United States)
Region: Atlanta, Georgia
ASN: AS16509
Organization: Lefkoff Industries

IP Category

Proxy: Proxy server
Hosting: Hosting provider

Feed Intelligence Summary

Source reports: 20
Confidence score: 99%
Category tags
abuse, academic institutions, active scan, active scanning, address, alberta, albertandp, albertaucp, alerts explore, apache upgrade, apt, australia, bad reputation, banking, been, botnet, botnet activity, brand impersonation, brute force, brute force attack, canada, civil services, command and control, communication protocol, communication technologies, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, credit card services, data encryption, data exfiltration, data store exposure, database attack, ddos, ddos attack, decoy system, denial of service, dionaea, dionaea honeypot, distributed attacks, dns, dns attack, domain, domains rules, done, education, educational resources, educational services, educational technology, electronic health records, encryption, exploitation activity, exploited host, extortion, fatt, finance, finance and insurance, financial services, financial technology, fraud orders, ftp, goa, government of alberta, government technology, hacking, health care and social assistance, health information technology, healthcare information systems, help toggle, higher education, homograph attack, honeytrap honeypot, hospital management, http scanner, identity & access exploitation, infrastructure acquisitionreconnaissance, injection activity, k-12 education, keyword, lookup, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, manual, mastodon-benign, medical services, mobile carriers, mobile networks, network, network intrusion attempts, network probing, network scanning, network security, none none, north america, oceania, p0f, password attacks, patient care, payment processing, phish, phishing, phishing attack, phishing trap, please, polcert, process injection, protocol exploitation, proxy, public administration, public infrastructure, public policy, ransomware, reconnaissance, regulatory agencies, researched, resource hijacking, rocky linux, safely, scams & fraud, scanner, sensor-tagged, sentrypeer botnet, service enumeration, sign, smtp, social engineering, socradar, spam, squat analyzes, ssh attack, ssh monitoring, supply chain attack, system access, system disruption, t1021, t1036.004, t1040, t1046, t1055, t1056, t1056.001, t1059, t1059.004, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.001, t1486, t1490, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566, t1566.001, t1566.002, t1566.003, t1583.003, t1587.001, t1590.001, t1595, t1595.001, t1595.002, t1595.003, takedowns tools, tanner, targeting database, telecom services, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tools, tor node, tpot, typosquatting, united states, upgrade, upgrade upgrade, us, verified-benign, voip, voip attack, vowel, wealth management, web application attack, web exploit, web exploitation, web spam, web traffic

Activity Timeline

1 total obs (Jun 3)

Threat Activity Heatmap

Peak: 2026-06-03
[Heatmap: daily activity, Jun through Jun]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 99
Confidence: 99%
Reports: 20
First seen: Jan 12, 2025
Last seen: Jun 3, 2026
Geolocation: US
Country: United States
Location: Atlanta, Georgia
ASN: AS16509
Org: Lefkoff Industries
Coords: 33.8541, -84.3791
IP Category: Proxy, Hosting

VirusTotal

Not checked

WHOIS

NetRange: 216.198.79.0 - 216.198.79.255
CIDR: 216.198.79.0/24
NetName: VERCEL-05
NetHandle: NET-216-198-79-0-1
Parent: NET216 (NET-216-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Vercel, Inc (ZEITI)
RegDate: 2024-07-18
Updated: 2024-07-23
Ref: https://rdap.arin.net/registry/ip/216.198.79.0

OrgName: Vercel, Inc
OrgId: ZEITI
Address: 340 S LEMON AVE #4133
City: Walnut
StateProv: CA
PostalCode: 91789
Country: US
RegDate: 2020-03-26
Updated: 2024-11-25
Comment: https://vercel.com
Ref: https://rdap.arin.net/registry/entity/ZEITI

OrgAbuseHandle: ABUSE7926-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-415-980-8007
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE7926-ARIN

OrgTechHandle: MFV2-ARIN
OrgTechName: Vieira, Matheus Fernandez
OrgTechPhone: +1-415-980-8007
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/MFV2-ARIN

OrgTechHandle: HADDA65-ARIN
OrgTechName: Haddad, Joe
OrgTechPhone: +1-415-398-5463
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/HADDA65-ARIN
References
https://x.com/PhishStats/status/2042095697076342935
https://x.com/PhishStats/status/2042303668771242154
https://dnstwister.report/search?ed=616c62657274612e6361
https://x.com/Fact_Finder03/status/1998314723016876233
https://phishstats.info:8443/public/dashboard/3bd497a3-9d59-441a-a4e8-6b7544312257


IOC Journey

medium
First detected 1 year ago · Last seen 8 days ago
Appeared in 20 threat reports