IOC Radar
IPMediumSignal 0/100

213.186.33.3

Location
FranceFrance
Roubaix, Hauts-de-France
ASN
AS16276
OVH SAS
First Seen
Jun 5, 2020
Last Seen
May 13, 2026
Jun 5
First Seen
2197d ago
May 13
Last Seen
29d ago
4
Reports
source reports
0%
Confidence
medium
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryFRFrance
RegionRoubaix, Hauts-de-France
ASNAS16276
OrganizationOVH SAS

Feed Intelligence Summary

4 reports0% confidence
4
Source reports
0%
Confidence score
Category tags
indicatornetworkresearched

Activity Timeline

1 total obs
May 13May 13

Threat Activity Heatmap

· Peak: 2026-05-13
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
4
Reports
First seenJun 5, 2020
Last seenMay 13, 2026
GeolocationFR
CountryFrance
LocationRoubaix, Hauts-de-France
ASNAS16276
OrgOVH SAS
Coords48.8591, 2.2935

VirusTotal

Not checked

WHOIS

description
REvil / Sodinokibi and CVE-2018-8543 which affects remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. [NIST] Sodinokibi, also known as REvil, is a sophisticated ransomware-as-a-service (RaaS) variant known for its devastating impact on targeted systems and widespread distribution. It poses a significant threat to cybersecurity, encrypting files on infected systems and demanding ransom payments from victims in exchange for decryption keys. [Cybersight]. MGM- Reference guest stays Jan1,25.
raw
inetnum: 213.186.33.0 - 213.186.33.255 netname: OVH descr: OVH SAS descr: Shared Hosting Servers descr: http://www.ovh.com country: FR admin-c: OK217-RIPE tech-c: OTC2-RIPE status: ASSIGNED PA mnt-by: OVH-MNT created: 2005-08-11T12:15:48Z last-modified: 2005-10-12T15:24:47Z source: RIPE role: OVH Technical Contact address: OVH SAS address: 2 rue Kellermann address: 59100 Roubaix address: France admin-c: OK217-RIPE tech-c: GM84-RIPE tech-c: SL10162-RIPE nic-hdl: OTC2-RIPE abuse-mailbox: [email protected] mnt-by: OVH-MNT created: 2004-01-28T17:42:29Z last-modified: 2014-09-05T10:47:15Z source: RIPE # Filtered person: Octave Klaba address: OVH SAS address: 2 rue Kellermann address: 59100 Roubaix address: France phone: +33 9 74 53 13 23 nic-hdl: OK217-RIPE mnt-by: OVH-MNT created: 1970-01-01T00:00:00Z last-modified: 2017-10-30T21:44:51Z source: RIPE # Filtered route: 213.186.32.0/19 descr: OVH ISP descr: Paris, France origin: AS16276 mnt-by: OVH-MNT created: 1970-01-01T00:00:00Z last-modified: 2001-09-22T09:33:42Z source: RIPE # Filtered

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 6 years ago · Last seen 29 days ago
Appeared in 4 threat reports