210.56.29.131 Threat Intelligence and Host Information

Jun 07, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 210.56.29.131 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 62/100

Host and Network Information

Mitre ATT&CK IDs: T1046 - Network Service Scanning, T1595 - Active Scanning
Tags: abuseipdb, blacklist, botnet, cyber security, ioc, malicious, Malicious IP, mirai, Nextray, phishing, portscan, Port Scan, scan, sip, sipvicious, smb, ssh, tcp
View other sources: Spamhaus VirusTotal
Contained within other IP sets: blocklist_net_ua, ciarmy, normshield_all_wannacry, normshield_high_wannacry, turris_greylist

Country: Pakistan
Network:
Noticed: 50 times
Protocols Attacked: mssql
Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Spain, Sweden, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

1029 12502 137 1521 18100 1830 21 3389 3460 5560 6003 8080

CVEs Detected

CVE-2019-0708

Map

Whois Information

inetnum: 210.56.0.0 - 210.56.31.255
netname: COMSATS
descr: Commission for Science and Technology for
descr: Sustainabale Development in the South
descr: Internet Access Providers (Pakistan Chapter)
country: PK
org: ORG-CA20-AP
admin-c: ARS11-AP
tech-c: ARS11-AP
abuse-c: AC1740-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-PK-COMSATS-PK
mnt-routes: MAINT-PK-COMSATS-PK
mnt-irt: IRT-COMSATS-PK
last-modified: 2023-07-26T11:34:26Z
irt: IRT-COMSATS-PK
address: First Floor, COMSATS Headquarters,
address: Shahra-e-Jamhuriyat, G-5/2,
address: Islamabad (44000) Pakistan.
e-mail: arsaeed@comsats.net.pk
abuse-mailbox: arsaeed@comsats.net.pk
admin-c: ARS11-AP
tech-c: ARS11-AP
mnt-by: MAINT-PK-COMSATS-PK
last-modified: 2025-01-22T04:29:59Z
organisation: ORG-CA20-AP
org-name: COMSATS
org-type: LIR
country: PK
address: COMSATS Internet Services, CIS Technology Park Building, 12,
phone: +92-51-9208760
fax-no: +92-51-920-8770
e-mail: info@comsats.net.pk
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:14:44Z
role: ABUSE COMSATSPK
country: ZZ
address: First Floor, COMSATS Headquarters,
address: Shahra-e-Jamhuriyat, G-5/2,
address: Islamabad (44000) Pakistan.
phone: +000000000
e-mail: arsaeed@comsats.net.pk
admin-c: ARS11-AP
tech-c: ARS11-AP
nic-hdl: AC1740-AP
abuse-mailbox: arsaeed@comsats.net.pk
mnt-by: APNIC-ABUSE
last-modified: 2025-01-22T04:30:17Z
person: Abdul Rehman Saeed
address: First Floor, COMSATS Headquarters,
country: PK
phone: +92-051-920 8771
e-mail: arsaeed@comsats.net.pk
nic-hdl: ARS11-AP
mnt-by: MAINT-PK-COMSATS-PK
last-modified: 2023-07-26T11:33:43Z
route: 210.56.29.0/24
descr: CIS Islamabad
country: PK
origin: AS7590
mnt-by: MAINT-PK-COMSATS-PK
last-modified: 2008-09-04T07:54:28Z

Links to attack logs

Share on: