IOC Radar
IPHighVerifiedSignal 46/100

185.188.61.216

Location
SpainSpain
Barcelona, CT
ASN
AS203020
Hostroyale Barcelona Network
First Seen
Apr 17, 2026
Last Seen
Apr 30, 2026
Apr 17
First Seen
58d ago
Apr 30
Last Seen
44d ago
4
Reports
source reports
46%
Confidence
high
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
46%
Signal Score
46 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryESSpain
RegionBarcelona, CT
ASNAS203020
OrganizationHostroyale Barcelona Network

IP Category

VPN
VPN exit node

Feed Intelligence Summary

4 reports46% confidence
4
Source reports
46%
Confidence score
Category tags
active scanagentattackbackbad reputationcloudcontactdemodevtcpipportenumerateeseuropeexploitation activityexploited hostgrephuntipv4kagentmalwarenetworknkabusepostgresqlproxypythonrebootresearchedreverse shellscannerselectspacesspainstrongsysdigtargetvpnweb app attack

Activity Timeline

1 total obs
Apr 30Apr 30

Threat Activity Heatmap

· Peak: 2026-04-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
46
SIGNAL
Signal Score
46%
Confidence
4
Reports
First seenApr 17, 2026
Last seenApr 30, 2026
Verified IOC
GeolocationES
CountrySpain
LocationBarcelona, CT
ASNAS203020
OrgHostroyale Barcelona Network
Coords41.3870, 2.1701
VPN

VirusTotal

Not checked

WHOIS

description
CC=ES ASN=AS203020 hostroyale technologies pvt ltd
raw
inetnum: 185.188.61.0 - 185.188.61.255 netname: Hostroyale_Barcelona_Network country: ES admin-c: SK11044-RIPE tech-c: SK11044-RIPE mnt-routes: in-hostroyale-1-mnt status: SUB-ALLOCATED PA mnt-by: in-hostroyale-1-mnt created: 2019-05-02T10:13:51Z last-modified: 2021-07-23T07:41:10Z source: RIPE person: NOC Admin address: Office Number 11A, City Mall, Ganeshkhind Road address: 411007 address: Pune address: INDIA phone: +91-0000000000 nic-hdl: SK11044-RIPE mnt-by: in-hostroyale-1-mnt created: 2015-07-08T09:37:30Z last-modified: 2021-01-27T07:56:28Z source: RIPE route: 185.188.61.0/24 origin: AS203020 mnt-by: in-hostroyale-1-mnt created: 2021-07-25T16:13:57Z last-modified: 2021-07-25T16:14:05Z source: RIPE
references
https://www.sysdig.com/blog/cve-2026-39987-update-how-attackers-weaponized-marimo-to-deploy-a-blockchain-botnet-via-huggingface#conclusion

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 month ago · Last seen 1 month ago
Appeared in 4 threat reports