IOC Radar
IPMediumSignal 74/100

85.90.196.224

Location
RomaniaRomania
Bucharest, București
ASN
AS204957
Green Floid LLC
First Seen
Apr 15, 2026
Last Seen
Apr 23, 2026
Apr 15
First Seen
56d ago
Apr 23
Last Seen
48d ago
9
Reports
source reports
74%
Confidence
medium
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
74%
Signal Score
74 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

CountryRORomania
RegionBucharest, București
ASNAS204957
OrganizationGreen Floid LLC

Feed Intelligence Summary

9 reports74% confidence
9
Source reports
74%
Confidence score
Category tags
abuseactive scanactive scanningbad reputationbrute forcebrute force attackerbrute-forceeuropeindicatornetworkportscanreconnaissanceresearchedromaniascannerscannersservice scant1595.001t1595.002t1595.003vultr

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
74
SIGNAL
Signal Score
74%
Confidence
9
Reports
First seenApr 15, 2026
Last seenApr 23, 2026
GeolocationRO
CountryRomania
LocationBucharest, București
ASNAS204957
OrgGreen Floid LLC
Coords44.4268, 26.1025

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Melbourne (Australia) honeypot
raw
inetnum: 85.90.196.0 - 85.90.196.255 netname: GF-RO-BUC remarks: Geofeed https://itldc.com/ipgeo.csv descr: *********************************************************** descr: * As ISP we provide hosting, virtual and dedicated servers. descr: * descr: * Those services are self managed by our customers descr: * therefore, we are not using this IP space ourselves descr: * and it could be assigned to various end customers. descr: * descr: * In case of issues related to SPAM, Fraud, Phishing descr: * DDoS, port scans, or others, feel free to contact us descr: * with relevant info. Abuse email: [email protected] descr: *********************************************************** country: RO geoloc: 44.47854840681553 26.11802126243144 geofeed: https://itldc.com/ipgeo.csv admin-c: GRFL-RIPE tech-c: GRFL-RIPE status: ASSIGNED PA mnt-by: GRFL-MNT created: 2023-08-16T14:26:47Z last-modified: 2023-08-16T14:26:47Z source: RIPE person: GreenFloid NOC address: East Jefferson Street, 2707 address: Orlando, FL, 32803, USA phone: +1 561 2500001 nic-hdl: GRFL-RIPE mnt-by: GRFL-MNT created: 2018-09-10T07:52:11Z last-modified: 2018-09-10T07:52:11Z source: RIPE route: 85.90.196.0/24 origin: AS204957 mnt-by: GRFL-MNT created: 2023-08-16T14:29:51Z last-modified: 2023-08-16T14:29:51Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 month ago · Last seen 1 month ago
Appeared in 9 threat reports