I received an alert about cscript attempting to connect to 192.229.211.108. According to my research, this action could be either normal or malicious, depending on the script that is running. Is there a way for me to determine the specific script that was running from the cscript (including full commands) ?
You could do a ‘whois’ command and see who you’re connecting to. Hope that helps. 
It will help…i had used this before!
EdgeCast/Edgio, a content delivery network which used to be part of Yahoo.