IOC Radar
IP · Medium · Signal 94/100

210.56.17.230

Location: Pakistan (Saidpur, PB)
ASN: AS7590, PTCL ITI customer 55
First Seen: Oct 12, 2022 (1353d ago)
Last Seen: Feb 20, 2026 (126d ago)
Reports: 10 source reports
Confidence: 94% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 94%
Signal Score: 94 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

38 techniques

Network Information

Country: PK (Pakistan)
Region: Saidpur, PB
ASN: AS7590
Organization: PTCL ITI customer 55

Feed Intelligence Summary

Source reports: 10
Confidence score: 94%
Category tags
abuse, access control, active scanning, asia, botnet, brute force, command and control, command execution, communication protocol, credential access, credential stuffing, cta, data encryption, data exfiltration, database security, ddos, ddos attacks, decoy system, denial of service, dhcp, distributed attacks, elasticsearch, ftp, ftp brute force, http brute force, imap, indicator, information gathering, initial access, internet of things, intrusion detection, iot botnet, iot/ics attack, kazakhstan, kaznet, lateral movement, ldap, malicious software, malware, mirai botnet, mssql, network, network attacks, network monitoring, network probing, network protocol, network scanning, network security, network traffic analysis, ntp, oracle, pk, possible botnet activity, possible reconnaissance activity, process injection, protocol exploitation, reconnaissance, remote access, remote services, researched, rtbh, scan, scanner, security policy, server exploitation, slug, smtp brute force, socks5, sql injection, ssh attack, surface web, t1018, t1021, t1021.001, t1021.002, t1040, t1046, t1053, t1055, t1059, t1059.003, t1059.004, t1059.005, t1071.001, t1076, t1077, t1078, t1083, t1110, t1110.001, t1110.002, t1110.003, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.004, t1563, t1565, t1566, t1583, t1583.001, t1583.002, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telecommunications, telnet threat, threat intelligence, threat prevention, unauthorized access attempt, vnc protocol

Activity Timeline

1 total obs (Feb 20 to Feb 20)

Threat Activity Heatmap

Peak: 2026-02-20
[Heatmap figure: activity by weekday (Mon, Wed, Fri rows) and month, Jun to Jun; scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 94
Confidence: 94%
Reports: 10
First seen: Oct 12, 2022
Last seen: Feb 20, 2026
Geolocation: PK
Country: Pakistan
Location: Saidpur, PB
ASN: AS7590
Org: PTCL ITI customer 55
Coords: 31.4859, 74.3735

VirusTotal

Not checked

WHOIS

description
Information from proprietary sensors in the KazNET
raw
inetnum: 210.56.0.0 - 210.56.31.255
netname: COMSATS
descr: Commission for Science and Technology for
descr: Sustainabale Development in the South
descr: Internet Access Providers (Pakistan Chapter)
country: PK
org: ORG-CA20-AP
admin-c: ARS11-AP
tech-c: ARS11-AP
abuse-c: AC1740-AP
status: ALLOCATED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-PK-COMSATS-PK
mnt-routes: MAINT-PK-COMSATS-PK
mnt-irt: IRT-COMSATS-PK
last-modified: 2023-07-26T11:34:26Z
source: APNIC

irt: IRT-COMSATS-PK
address: First Floor, COMSATS Headquarters,
address: Shahra-e-Jamhuriyat, G-5/2,
address: Islamabad (44000) Pakistan.
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: ARS11-AP
tech-c: ARS11-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-01-22
mnt-by: MAINT-PK-COMSATS-PK
last-modified: 2025-01-22T04:29:59Z
source: APNIC

organisation: ORG-CA20-AP
org-name: COMSATS
org-type: LIR
country: PK
address: COMSATS Internet Services, CIS Technology Park Building, 12,
phone: +92-51-9208760
fax-no: +92-51-920-8770
e-mail: [email protected]
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:14:44Z
source: APNIC

role: ABUSE COMSATSPK
country: ZZ
address: First Floor, COMSATS Headquarters,
address: Shahra-e-Jamhuriyat, G-5/2,
address: Islamabad (44000) Pakistan.
phone: +000000000
e-mail: [email protected]
admin-c: ARS11-AP
tech-c: ARS11-AP
nic-hdl: AC1740-AP
remarks: Generated from irt object IRT-COMSATS-PK
remarks: [email protected] was validated on 2025-01-22
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-01-22T04:30:17Z
source: APNIC

person: Abdul Rehman Saeed
address: First Floor, COMSATS Headquarters,
country: PK
phone: +92-051-920 8771
e-mail: [email protected]
nic-hdl: ARS11-AP
mnt-by: MAINT-PK-COMSATS-PK
last-modified: 2023-07-26T11:33:43Z
source: APNIC

route: 210.56.17.0/24
descr: CIS Lahore
country: PK
origin: AS7590
mnt-by: MAINT-PK-COMSATS-PK
last-modified: 2008-09-04T07:54:28Z
source: APNIC
references
https://list.rtbh.com.tr/output.txt, https://threats.kz

IOC Journey

medium
First detected 3 years ago · Last seen 4 months ago
Appeared in 10 threat reports